[all variants] How compromised are those openssl key?



Biochem
May 24th, 2008, 03:22 AM
I'm not necessarily interested in the technicalities but on a more practical level.

Like how long will it take to break a compromised openssl key on today's hardware?

Monicker
May 24th, 2008, 04:13 AM
This might help to answer your question: http://www.metasploit.com/users/hdm/tools/debian-openssl/


Q: How long does it take to crack a SSH user account using these keys?
A: This depends on the speed of the network and the configuration of the SSH server. It should be possible to try all 32,767 keys of both DSA-1024 and RSA-2048 within a couple hours, but be careful of anti-brute-force scripts on the target server.

EDIT: Though the above is specifically about ssh, I believe the ssl piece was also using the same relatively small key space because of the PRNG flaw.
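
Because the affected key space is that small, every weak key can be listed ahead of time, so a defender can audit an `authorized_keys` file against a list of known-weak fingerprints. The following is an added example, not part of the original thread or of the linked tool; the blacklist and key blobs are constructed placeholders, and the bare-hex MD5 fingerprint format is an assumption about how a real list would be keyed.

```python
import base64
import hashlib

KEY_TYPES = ("ssh-rsa", "ssh-dss")

def fingerprint(blob_b64):
    """Hex MD5 of the decoded public-key blob (classic SSH fingerprint, no colons)."""
    blob = base64.b64decode(blob_b64, validate=True)
    return hashlib.md5(blob).hexdigest()

def parse_authorized_keys(text):
    """Yield (line_no, key_type, blob_b64, comment) for each key line."""
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # Options such as from="..." may precede the key type, so find it first.
        for i, field in enumerate(fields):
            if field in KEY_TYPES and i + 1 < len(fields):
                yield n, field, fields[i + 1], " ".join(fields[i + 2:])
                break

def audit(text, blacklist):
    """Return (line_no, key_type, comment, fingerprint) for blacklisted keys."""
    findings = []
    for n, ktype, blob, comment in parse_authorized_keys(text):
        try:
            fp = fingerprint(blob)
        except ValueError:  # malformed base64: not a usable key, skip it
            continue
        if fp in blacklist:
            findings.append((n, ktype, comment, fp))
    return findings

# Constructed sample data: these blobs are not real keys.
WEAK = base64.b64encode(b"constructed weak key blob").decode()
GOOD = base64.b64encode(b"constructed good key blob").decode()
SAMPLE = f"""# constructed authorized_keys
ssh-rsa {WEAK} alice@old-laptop
from="10.0.0.*" ssh-dss {GOOD} backup@host
ssh-rsa not*base64 broken@line
"""
# Placeholder blacklist; a real one comes from your distribution's weak-key list.
BLACKLIST = {fingerprint(WEAK)}

if __name__ == "__main__":
    for line_no, ktype, comment, fp in audit(SAMPLE, BLACKLIST):
        print(f"line {line_no}: {ktype} {comment} is blacklisted ({fp})")
```

Any key the audit flags should be removed and regenerated on a patched system.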

Biochem
May 24th, 2008, 04:23 AM
Hours! Wow, it's worse than I thought