Every version of PuTTY released over the past 7 years contains a critical vulnerability that allows for the recovery of certain types of secret encryption keys, specifically 521-bit ECDSA. An adversary in possession of a “few dozen signed messages” and the public key can recover the private key. I’m curious to know how widely this vulnerability is likely to be felt. I’m guessing most people have already replaced keys with only 512 bits, which I’m further guessing are already susceptible to factorization. Can anyone confirm or disabuse me of these guesses?
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
Dan Goodin /
npub1z3…8qvzu
2024-04-15 20:56:04
Author Public Key
npub1z3lwfekw80j4ngzg6ky3ks202xr6uwnd4jttxzsd4euc9l55euvq48qvzuPublished at
2024-04-15 20:56:04Event JSON
{
"id": "be248db850ddd064dada2afc87b2d14683864b0c4b5d5293e4a5b33c712d33ff",
"pubkey": "147ee4e6ce3be559a048d5891b414f5187ae3a6dac96b30a0dae7982fe94cf18",
"created_at": 1713214564,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/dangoodin/statuses/112277229717414765",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/dangoodin/statuses/112277229717414765",
"pink.momostr"
]
],
"content": "Every version of PuTTY released over the past 7 years contains a critical vulnerability that allows for the recovery of certain types of secret encryption keys, specifically 521-bit ECDSA. An adversary in possession of a “few dozen signed messages” and the public key can recover the private key. I’m curious to know how widely this vulnerability is likely to be felt. I’m guessing most people have already replaced keys with only 512 bits, which I’m further guessing are already susceptible to factorization. Can anyone confirm or disabuse me of these guesses?\n\nhttps://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html",
"sig": "087d364fad91a1a53f0a8a2120a6cfd36878040f60221c2000c903e651cccc20214c96816e63a164940ec7e7afe0c5c4d6ee4e1b83729802f815315045efaca9"
}