
4.5m web servers at risk due to insecure private keys

The survey was undertaken by European security consultancy firm SEC Consult. Sophos’ Naked Security Blog wrote about the company’s findings today. SEC Consult teamed up with CERT/CC, 50 different server vendors and various internet service providers to analyse how many devices on the web use known private keys to protect their HTTPS certificates.
The company found that over 4.5 million devices currently use known private keys. It represents a 40 percent increase in the number of insecure servers since last year. In November 2015, 3.2 million devices were using a known key. SEC Consult warned that device vendors and ISPs need to do more to keep private keys secure because the current state of affairs is putting users at risk.
Private keys are used to generate cryptographic signatures. Signing cannot be reversed to reveal the private key, which is what keeps it secure. The idea is that a device or server can combine its private key with another string of data, a public key, to generate a unique signature.
This can then be handed out to a client device, such as a smartphone, and used to authenticate users on subsequent visits. The mechanism is called asymmetric encryption. Among many other uses, it powers HTTPS, the protocol facilitating secure connections between web browsers and servers.
“You generate public and private keys in pairs, a process that is much slower than actually using either of the keys later on, but nevertheless takes only a few seconds on a modern computer,” explains Sophos. “The mathematics of asymmetric encryption is such that: You can’t decipher the original data using just the public key. Only the private key can do that. You can’t figure out the private key from the public key. Keys can only be generated together in pairs.”
When a private key becomes public, attackers can use it to generate their own signatures. The server will verify them as genuine because the private key matches. This could allow an attacker to compromise secure HTTPS connections, steal data from servers or make malicious calls to external services. To help protect against this, private keys should be generated randomly for each device and stored in a place that can’t be accessed remotely. In too many cases, this isn’t happening though.
Often, manufacturers of devices such as home broadband routers store a private key in the router’s firmware. Generally, a single key is used for every shipped device. When a vendor issues a downloadable software update, attackers can pry the package apart and uncover the private key. This provides them with access to every device of that type.
In a similar way, the keys protecting HTTPS certificates can be exposed. In most cases, device manufacturers and internet service providers are at fault, opting not to implement secure private key generation methods for the sake of convenience. This puts users at risk and could lead to the breach of thousands of devices and servers with a single attack, providing a strong message to vendors that a more proactive approach to security is required.
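The failure the two paragraphs above describe (one key baked into the firmware of every unit) is detectable from the outside, because the same public key shows up behind many hosts' certificates. The following Go program, added here as an illustration and not code from SEC Consult, Sophos or the article, hashes each host's SubjectPublicKeyInfo and groups hosts by that fingerprint, which is the kind of check an auditor or ISP can run over an inventory of scanned certificates. The host names are constructed, and the two "fleets" (a shared build-time key versus a key generated per device) are simulated in memory rather than read from real devices.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
	"fmt"
	"sort"
)

// Device is one shipped unit as an auditor would inventory it: a host name
// and the public key behind its HTTPS certificate (constructed data, not real hosts).
type Device struct {
	Host string
	Pub  *ecdsa.PublicKey
}

// SPKIFingerprint hashes the DER SubjectPublicKeyInfo, so the value is the same
// whichever certificate happens to wrap the key. That is what makes it useful
// for spotting one key reused behind many differently issued certificates.
func SPKIFingerprint(pub *ecdsa.PublicKey) (string, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return "", err
	}
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:]), nil
}

// SharedKeys returns, for each fingerprint seen on more than one host, the
// sorted list of hosts using it. An empty result means every host has its own key.
func SharedKeys(devices []Device) (map[string][]string, error) {
	byFP := make(map[string][]string)
	for _, d := range devices {
		fp, err := SPKIFingerprint(d.Pub)
		if err != nil {
			return nil, err
		}
		byFP[fp] = append(byFP[fp], d.Host)
	}
	shared := make(map[string][]string)
	for fp, hosts := range byFP {
		if len(hosts) > 1 {
			sort.Strings(hosts)
			shared[fp] = hosts
		}
	}
	return shared, nil
}

// BakedKeyFleet models the failure described in the article: the vendor
// generated one key at build time and every unit ships with a copy of it.
func BakedKeyFleet(n int) ([]Device, error) {
	shared, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	fleet := make([]Device, 0, n)
	for i := 0; i < n; i++ {
		fleet = append(fleet, Device{Host: fmt.Sprintf("router-%03d.example", i), Pub: &shared.PublicKey})
	}
	return fleet, nil
}

// PerDeviceKeyFleet models the recommended practice: each unit generates its
// own key (here standing in for "at first boot") and the private half never
// leaves the device, so a firmware image contains nothing to extract.
func PerDeviceKeyFleet(n int) ([]Device, error) {
	fleet := make([]Device, 0, n)
	for i := 0; i < n; i++ {
		k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			return nil, err
		}
		fleet = append(fleet, Device{Host: fmt.Sprintf("router-%03d.example", i), Pub: &k.PublicKey})
	}
	return fleet, nil
}

func main() {
	builders := map[string]func(int) ([]Device, error){
		"baked-in key":   BakedKeyFleet,
		"per-device key": PerDeviceKeyFleet,
	}
	for name, build := range builders {
		fleet, err := build(5)
		if err != nil {
			panic(err)
		}
		shared, err := SharedKeys(fleet)
		if err != nil {
			panic(err)
		}
		fmt.Printf("%s: %d fingerprint(s) reused across hosts\n", name, len(shared))
		for fp, hosts := range shared {
			fmt.Printf("  %s... shared by %v\n", fp[:16], hosts)
		}
	}
}
```

Grouping on the key fingerprint rather than the certificate fingerprint matters: a vendor can reissue certificates with fresh serial numbers and subjects while leaving the underlying key untouched, and only the SPKI hash will still tie those hosts together. In a real inventory the public keys would come from scanned certificates (for example via `x509.ParseCertificate` and the certificate's `PublicKey` field) instead of being generated in memory as they are here.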
