安全是有分量的

高防ddos_DHCP服务器防御_秒解封

2022-01-12 08:20栏目:科技报

高防ddos_DHCP服务器防御_秒解封

If you were out in Las Vegas this year for DEF CON, you might have caught our very own Yolan Romailler and Nils Amiet from Kudelski Security’s Research team present Breaking and Reaping Keys at Scale: When Crypto Meets Big Data. In this talk, the two discussed how they had built a key reaping machine and collected over 340 million public keys. A number larger than previous research and which continues to grow.

These collected keys were then checked for vulnerabilities such as ROCA and factorization using Batch GCD. A vulnerability, in this case, means a retrieval of the private key allowing for compromise of sensitive data. One of the demos showed how an attacker could leverage the recovered private key from one of these attacks to log into an SSH service of another user.

The full list of stats and data is included in the attached slide deck.

Conference Materials

Here is the updated slide deck from DEF CON 26.

Breaking and Reaping Keys at Scale: When Crypto Meets Big Data

Below is a demo used during the talk that demonstrated how it could be possible to use a recovered private key to log into an ssh service.

Keylookup

As part of the presentation given at DEF CON 26, one of the outputs was Kudelski Security’s Keylookup application. On this site, you can submit your own public keys and have them tested against our dataset. We will let you know if your key is vulnerable to Batch GCD and ROCA attacks. If your key is in our database, we will be able to give you an answer immediately, if it is not, you may have to wait a bit until the tests complete.

Try it out today.

https://keylookup.kudelskisecurity.com/

Code

We open sourced the code for our k-reaper as well as some scannerl modules related to the project.

https://github.com/kudelskisecurity/k-reaper

https://github.com/kudelskisecurity/scannerl

More updates to come.

Share:Click to print (Opens in new window)Click to email this to a friend (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)Click to share on Reddit (Opens in new window) Related Taking the (quantum) leap with goMay 27, 2021In "quantum computing"Reaping and breaking keys at scale: when crypto meets big dataOctober 16, 2018In "Conferences and events"Defeating Quantum Algorithms with Hash FunctionsFebruary 1, 2017In "Crypto"

,高防cdn哪个好,云锁防御ddos,国内外高防CDN,防御局域网ddos攻击,通过代理服务器防御ddos