Bias in RSA keypair detection, vulnerabilities, classification

Private and public RSA keys generated on smartcard or by software library

Dataset: RSA keys from software libraries
- Separate zip files for every library and length of RSA keys. Naming format: library_version_keylength.zip
Dataset: RSA keys from cryptographic smartcards
- Separate zip files for every library and length of RSA keys. Format: smartcard-numberOfKeys-keyLength.zip
Updated datasets:
- https://drive.google.com/drive/u/3/folders/0B0PpUrsKytcyMllkUHJ0RkZkdzA

Random data generated by smartcards

Dataset: Random data from cryptographic smartcards, up to 100MB
- Separate binary files for every smartcard obtained using RandomData.generate() on-card method. If more files for the same card were generated, appendix _0/1/2 is used. Format: smartcard_type.bin
Dataset: Random data from cryptographic smartcards, up to 1GB
- Separate binary files for every smartcard obtained using RandomData.generate() on-card method. If more files for the same card were generated, appendix _0/1/2 is used. Format: smartcard_type.bin

Tools for classification of single keys: https://github.com/crocs-muni/classifyRSAkey
Tools for classification of large-scale datasets (e.g., IPv4 TLS scan, Certificate Transparency log…): https://github.com/crocs-muni/acsac2017-data-tools
Detection tool for ROCA vulnerable keys: https://github.com/crocs-muni/roca

The Million-Key Question – Investigating the Origins of RSA Public Keys (detection of bias in RSA keys, attribution of public key to generating library) [USENIX Security 2016] https://crocs.fi.muni.cz/public/papers/usenix2016
The Million-Key Question - extended technical report [2016] https://crocs.fi.muni.cz/_media/public/papers/usenixsec16_1mrsakeys_trfimu_201603.pdf
ROCA: Vulnerable RSA generation (CVE-2017-15361) [CCS 2017]: https://crocs.fi.muni.cz/public/papers/rsa_ccs17
Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans [ACSAC 2017]: https://crocs.fi.muni.cz/papers/acsac2017

Datasets