Home > slashdot > Database of Private SSL Keys Published

Database of Private SSL Keys Published

December 20th, 2010 12:06 admin Leave a comment Go to comments

Trailrunner7 writes “A new project has produced a large and growing list of the private SSL keys that are hard-coded into many embedded devices, such as consumer home routers. The LittleBlackBox Project comprises a list of more than 2,000 private keys right now, each of which can be associated with the public key of a given router, making it a simple matter for an attacker to decrypt the traffic passing through the device. Published by a group called /dev/ttyS0, the LittleBlackBox database of private keys gives users the ability to find the key for a specific router in several different ways, including by searching for a known public key, looking up a device’s model name, manufacturer or firmware version or even giving it a network capture, from which the program will extract the device’s public certificate and then find the associated private SSL key.”

Source: Database of Private SSL Keys Published

Related Articles:

  1. Github Kills Search After Hundreds of Private Keys Exposed
  2. Private Keys Stolen Within Hours From Heartbleed OpenSSL Site
  3. Lab Samples Database “JuliaBase” Published As Open Source
  4. Anonymous Source Claims Feds Demand Private SSL Keys From Web Services
  5. Factorable Keys: Twice As Many, But Half As Bad
blog comments powered by Disqus