Researchers discover weakness in IoT digital certificates – Naked Security
Researchers at online digital certificate management services company Keyfactor studied millions of digital certificates found online which were produced using the RSA algorithm. They found that 1 in every 172 certificates was crackable because of insecure random number generation.
RSA’s encryption algorithm is the basis for modern asymmetric encryption, which uses a pair of keys (a public and private key) to encrypt information and prove the sender’s identity. Part of the public key production involves multiplying two prime numbers (known as factors). It is computationally prohibitive to calculate the two prime numbers in reverse from the result. You can only decrypt the information by combining the private key (known only to the owner) and the public key.