When Private Keys are Public: Results from the 2008 Debian OpenSSL Vulnerability

Authors

Scott Yilek, Eric Rescorla, Hovav Shacham, Brandon Enright, and Stefan Savage

Abstract

We report on the aftermath of the discovery of a severe vulnerability in the Debian Linux version of OpenSSL. Systems affected by the bug generated predictable random numbers, most importantly public/private keypairs. To study user response to this vulnerability, we collected a novel dataset of daily remote scans of over 50,000 SSL/TLS-enabled Web servers, of which 751 displayed vulnerable certificates. We report three primary results. First, as expected from previous work, we find an extremely slow rate of fixing, with 30% of the hosts vulnerable when we began our survey on day 4 after disclosure still vulnerable almost six months later. However, unlike conventional vulnerabilities, which typically show a short, fast fixing phase, we observe a much flatter curve with fixing extending six months after the announcement. Second, we identify some predictive factors for the rate of upgrading. Third, we find that certificate authorities continued to issue certificates to servers with weak keys long after the vulnerability was disclosed.

Reference

Scott Yilek, Eric Rescorla, Hovav Shacham, Brandon Enright, and Stefan Savage.
When Private Keys are Public: Results from the 2008 Debian OpenSSL Vulnerability.
Proceedings of the 9th ACM SIGCOMM Conference on Internet Measurement - IMC 2009, pp. 15-27, ACM, 2009.

[BibTex]

Versions

PDF
ACM Digital Library

See Also

IMC 2009