Bias in RSA kepair detection, vulnerabilities, classification

Private and public RSA keys generated on smartcard or by software library

• Dataset: RSA keys from software libraries
  • Separate zip files for every library and length of RSA keys. Naming format: library_version_keylength.zip
• Dataset: RSA keys from cryptographic smartcards
  • Separate zip files for every library and length of RSA keys. Format: smartcard-numberOfKeys-keyLength.zip

Random data generated by smartcards

• Dataset: Random data from cryptographic smartcards, up to 100MB
  • Separate binary files for every smartcard obtained using RandomData.generate() on-card method. If more files for the same card were generated, appendix _0/1/2 is used. Format: smartcard_type.bin
• Dataset: Random data from cryptographic smartcards, up to 1GB
  • Separate binary files for every smartcard obtained using RandomData.generate() on-card method. If more files for the same card were generated, appendix _0/1/2 is used. Format: smartcard_type.bin

• Tools for classification of single keys: https://github.com/crocs-muni/classifyRSAkey
• Tools for classification of large-scale datasets (e.g., IPv4 TLS scan, Certificate Transparency log…): https://github.com/crocs-muni/acsac2017-data-tools
• Detection tool for ROCA vulnerable keys: https://github.com/crocs-muni/roca

• The Million-Key Question – Investigating the Origins of RSA Public Keys (detection of bias in RSA keys, attribution of public key to generating library) [USENIX Security 2016] https://crocs.fi.muni.cz/public/papers/usenix2016
• The Million-Key Question - extended technical report [2016] https://crocs.fi.muni.cz/_media/public/papers/usenixsec16_1mrsakeys_trfimu_201603.pdf
• ROCA: Vulnerable RSA generation (CVE-2017-15361) [CCS 2017]: https://crocs.fi.muni.cz/public/papers/rsa_ccs17
• Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans [ACSAC 2017]: https://crocs.fi.muni.cz/papers/acsac2017