The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,805 other followers

RSA keys by Infineon chips or libraries can be cracked fast; Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping…

Posted by jpluimers on 2017/10/16

All of our house is wired by ethernet for a reason…

WPA2 Flawed. Once again, it turns out that designing something properly secure is really, really, REALLY hard.

[WayBack] Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping… – Lars Fosdal – Google+

[] If fixes exist, third party firmware will have it in days. Most OEMs, never. I do worry a lot about unfixable flaws in the wifi standards… – Kristian Köhntopp – Google+:

Dave reminds us that there is a reason why people mod the firmware of their Wifi routers, and that reason is actually now more critical than ever.

Via [WayBack] has a FAQ. Some interesting questions from there:… – Kristian Köhntopp – Google+:

[WayBackKRACK Attacks: Breaking WPA2 : This website presents the Key Reinstallation Attack (KRACK). It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi.


Since we’re talking security, watch your RSA as it is way worse than the WPA2 one: []

We heard you liked the 10 WPA2 CVE’s, so »A 2nd major crypto vulnerability being disclosed… – Kristian Köhntopp – Google+ quoting

[WayBack] Dan Goodin‏ @dangoodin001: 2nd major crypto vulnerability being disclosed Monday involves millions of 1024- and 2048-bit RSA keys that are practically factorizable.

[WayBackROCA: Vulnerable RSA generation (CVE-2017-15361) [CRoCS wiki]

The time complexity and cost for the selected key lengths (Intel E5-2650 v3@3GHz Q2/2014):

  • 512 bit RSA keys – 2 CPU hours (the cost of $0.06);
  • 1024 bit RSA keys – 97 CPU days (the cost of $40-$80);
  • 2048 bit RSA keys – 140.8 CPU years, (the cost of $20,000 – $40,000).

[WayBack] New vulnerabilities found in RSA 1024 and 2048 bit keys. Estimated cost of cracking based on access to the Public key only: 1024 bit: $40 2048 bit: $20k… – Lars Fosdal – Google+

Jan Wildeboer did a nice explanation in laymen terms of both security issues published today:



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: