Alat ini terkait dengan makalah konferensi ACM CCS 2017 # 124 Kembalinya Serangan Coppersmith: Faktorisasi Praktis RSA Moduli yang Banyak Digunakan.
Ini memungkinkan Anda untuk menguji kunci RSA publik untuk keberadaan kerentanan yang dijelaskan.
Pembaruan: Makalah serangan sudah online, versi ACM.
Ini memungkinkan Anda untuk menguji kunci RSA publik untuk keberadaan kerentanan yang dijelaskan.
Pembaruan: Makalah serangan sudah online, versi ACM.
Saat ini alat mendukung format kunci berikut:
- X509 Certificate, DER encoded, one per file, *.der, *.crt
- X509 Certificate, PEM encoded, more per file, *.pem
- RSA PEM encoded private key, public key, more per file, *.pem (has to have correct header -----BEGIN RSA...)
- SSH public key, *.pub, starting with "ssh-rsa", one per line
- ASC encoded PGP key, *.pgp, *.asc. More per file, has to have correct header -----BEGIN PGP...
- APK android application, *.apk
- one modulus per line text file *.txt, modulus can be a) base64 encoded number, b) hex coded number, c) decimal coded number
- JSON file with moduli, one record per line, record with modulus has key "mod" (int, base64, hex, dec encoding supported) certificate(s) with key "cert" / array of certificates with key "certs" are supported, base64 encoded DER.
- LDIFF file - LDAP database dump. Any field ending with ";binary::" is attempted to decode as X509 certificate
- Java Key Store file (JKS). Tries empty password & some common, specify more with --jks-pass-file
- PKCS7 signature with user certificate
Download : https://github.com/crocs-muni/roca
