Arjen K. Lenstra, James P. Hughes, Maxime Augier, Joppe W. Bos, Thorsten Kleinjung, and Christophe Wachter
We performed a sanity check of public keys collected on the web and found that the vast majority works as intended. Our main goal was to test the validity of the assumption that different random choices are made each time keys are generated. We found that this is not always the case, resulting in public keys that offer no security. Our conclusion is that generating secure public keys in the real world is challenging. We did not study usage of public keys.
Full paper: Ron was wrong, Whit is right, Cryptology ePrint Archive: Report 2012/064
|Published in||Crypto 2012|
|Series||Lecture Notes in Computer Science|