Annual Computer Security Applications Conference (ACSAC) 2023

Detecting Weak Keys in Manufacturing Certificates: A Case Study

Weak entropy is an industry-wide challenge for network device vendors. We conducted a large scale analysis of RSA keys in about 226 million device certificates from one vendor, covering products that were manufactured over a 12-year time period. By focusing on specific data features of the manufacturing certificates, we tested for common keys and common factors across distinct devices. The scale of our analysis enabled the detection of entropy failures that manifested in the RSA keys of millions of devices. The affected devices included several products not implicated in any prior studies, resulting in the discovery of three new vulnerabilities in actively supported products. The entropy failures were complex, resulting from both low initial entropy and the faulty composition of manufacturing processes. Most affected product families were lower-margin devices past their end-of-support date; higher-end products that used a vendor-sanctioned hardware entropy source did not exhibit these weaknesses. However, our findings warrant more proactive and systematic entropy testing by device vendors.

Andrew Chi
Cisco Systems

Brandon Enright
Cisco Systems

David McGrew
Cisco Systems

Paper (ACM DL)