Ho notato che la maggior parte delle chiavi private DSA inizia spesso con gli stessi pochi caratteri, MIIBvAIBAAKBgQD
.
Ad esempio, genera una chiave privata su Ubuntu eseguendo:
ssh-keygen -t dsa -N '' -f /tmp/id_dsa
Questo risulta in un file di chiave privata che inizia con qualcosa di simile:
-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQD...
I primi 16 personaggi sono sospettosamente simili.
Prevedo che ssh-keygen
stia usando un nonce casuale prima di iniziare la cifratura. Supponendo che ssh-keygen
utilizzi un nonce casuale, perché i primi caratteri dei file di chiavi private DSA sono simili?
Usando uno script, ho scoperto che l'unicità ("casualità", buona entropia, ecc.) inizia al diciassettesimo personaggio.
leading char count 1 - unique combinations 1 among 100 generated keys leading char count 2 - unique combinations 1 among 100 generated keys leading char count 3 - unique combinations 1 among 100 generated keys leading char count 4 - unique combinations 1 among 100 generated keys leading char count 5 - unique combinations 2 among 100 generated keys leading char count 6 - unique combinations 4 among 100 generated keys leading char count 7 - unique combinations 6 among 100 generated keys leading char count 8 - unique combinations 5 among 100 generated keys leading char count 9 - unique combinations 4 among 100 generated keys leading char count 10 - unique combinations 4 among 100 generated keys leading char count 11 - unique combinations 4 among 100 generated keys leading char count 12 - unique combinations 4 among 100 generated keys leading char count 13 - unique combinations 4 among 100 generated keys leading char count 14 - unique combinations 4 among 100 generated keys leading char count 15 - unique combinations 7 among 100 generated keys leading char count 16 - unique combinations 87 among 100 generated keys leading char count 17 - unique combinations 100 among 100 generated keys leading char count 18 - unique combinations 100 among 100 generated keys leading char count 19 - unique combinations 100 among 100 generated keys leading char count 20 - unique combinations 100 among 100 generated keys leading char count 21 - unique combinations 100 among 100 generated keys ...
Ho usato il seguente codice bash per determinare questo
keyf=/tmp/id_dsa-${RANDOM} for upto in {1..35} ; do keys="${keyf}-${upto}" rm -f "${keys}" &>/dev/null for i in {0..99} ; do rm "${keyf}" &>/dev/null ssh-keygen -t dsa -N '' -f "${keyf}" &>/dev/null sed '2q;d' "${keyf}" | cut -b 1-"${upto}" >> "${keys}" done keys_count_all=$(cat "${keys}" | wc -l) keys_count_uniq=$(sort -u "${keys}" | wc -l) printf "leading char count %2d - unique combinations %3d among %3d generated keys\n" ${upto} ${keys_count_uniq} ${keys_count_all} done rm "${keyf}"