Abstract. The recent FREAK attack highlighted widespread support
for export-grade RSA keys in TLS servers. We present the results of
an IPv4-wide survey of TLS servers performed roughly one week after
FREAK was announced. We found that only 9.7% of servers now support
such export-grade RSA keys. However, we also found that some keys
are repeated with high frequency, making each of them an attractive
target for a direct factoring attack; one key in particular was repeated
28,394 times. We also computed the pairwise gcds of all the export-grade
RSA moduli that we found, leading to 90 factorisations. These moduli
correspond to 294 different hosts. The computation took less than 3
minutes on an 8-core system, saving the $9,000 that a cloud computation
would have cost if each modulus had been attacked directly. We consider
this to be a good return on investment for a Friday afternoon’s work.
for export-grade RSA keys in TLS servers. We present the results of
an IPv4-wide survey of TLS servers performed roughly one week after
FREAK was announced. We found that only 9.7% of servers now support
such export-grade RSA keys. However, we also found that some keys
are repeated with high frequency, making each of them an attractive
target for a direct factoring attack; one key in particular was repeated
28,394 times. We also computed the pairwise gcds of all the export-grade
RSA moduli that we found, leading to 90 factorisations. These moduli
correspond to 294 different hosts. The computation took less than 3
minutes on an 8-core system, saving the $9,000 that a cloud computation
would have cost if each modulus had been attacked directly. We consider
this to be a good return on investment for a Friday afternoon’s work.
more here........https://martinralbrecht.files.wordpress.com/2015/03/freak-scan1.pdf