all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Randomness of random in Cisco ASA

Add to bookmarks
June 12, 2023, 7:42 a.m. |

IACR News www.iacr.org

ePrint Report: Randomness of random in Cisco ASA

Ryad Benadjila, Arnaud Ebalard


It all started with ECDSA nonces and keys duplications in a large amount of X.509 certificates generated by Cisco ASA security gateways, detected through TLS campaigns analysis.


After some statistics and blackbox keys recovery, it continued by analyzing multiple firmwares for those hardware devices and virtual appliances to unveil the root causes of these collisions. It ended up with keygens to recover RSA keys, ECDSA keys and signatures …

analysis asa campaigns certificates cisco cisco asa ecdsa eprint report generated keys large random randomness recovery report security statistics tls

Visit resource

More from www.iacr.org / IACR News

Graz Security Week 2024 - Summer School on Security, Privacy and Correctness 1 day, 21 hours ago | www.iacr.org
correctness date event privacy +6
$\mathsf{FRAST}$: TFHE-friendly Cipher Based on Random S-boxes 3 days ago | www.iacr.org
cipher client communication computational +11
An NVMe-based Secure Computing Platform with FPGA-based TFHE Accelerator 3 days ago | www.iacr.org
accelerator claude computing eprint report +10
Improved Conditional Cube Attacks on Ascon AEADs in Nonce-Respecting Settings -- with a Break-Fix Strategy 3 days ago | www.iacr.org
aead ascon attacks bits +8
Efficient Universally-Verifiable Electronic Voting with Everlasting Privacy 3 days ago | www.iacr.org
electronic eprint report players privacy +3
A Deniability Analysis of Signal's Initial Handshake PQXDH 3 days ago | www.iacr.org
analysis apps called christian +16
Multi-Client Functional Encryption with Public Inputs and Strong Security 3 days ago | www.iacr.org
access access control challenge client +11
BGJ15 Revisited: Sieving with Streamed Memory Access 3 days ago | www.iacr.org
access algorithms analysis depth +7
Quantum Key-Revocable Dual-Regev Encryption, Revisited 3 days ago | www.iacr.org
can cryptographic encryption eprint report +8

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España
View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania
View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States
View on infosec-jobs.com