Cracking a 512-bit DKIM key for less than $8 in the cloud
In our study on the SPF, DKIM, and DMARC records of the top 1M websites, we were surprised to uncover more than 1,700 public DKIM keys that were shorter than 1,024 bits in length. This finding was unexpected, as RSA keys shorter than 1,024 bits are considered insecure, and their use in DKIM has been deprecated since the introduction of RFC 8301 in 2018.
Fortunately, we found a powerful open-source tool called CADO-NFS, which offers an easy-to-use implementation of the Number Field Sieve (NFS) algorithm — the most efficient method available for factoring large integers. Although opting for a more powerful server or distributing the workload across several systems (a process simplified by CADO-NFS) could have expedited the task, we weren’t pressed for time and didn’t mind the wait. Domain owners must also take action by reviewing their DNS settings for any outdated DKIM records that don’t comply with the 1,024-bit minimum standard.
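For the DNS review recommended above, the following sketch measures the RSA modulus inside a DKIM TXT value and flags anything under 1,024 bits. It is an added example, not code from the article or from CADO-NFS; the function names and sample records are constructed for illustration (the samples carry right-sized integers, not real keys), and fetching the TXT record from DNS is left to the caller.

```python
import base64
MIN_BITS = 1024  # minimum the article cites (RFC 8301)

def _tlv(buf, pos=0):  # read one DER element; return (tag, value, next_pos)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(der):  # accepts SubjectPublicKeyInfo or bare RSAPublicKey
    _, body, _ = _tlv(der)
    tag, first, nxt = _tlv(body)
    if tag == 0x30:  # SPKI: skip AlgorithmIdentifier, open the BIT STRING
        _, bitstr, _ = _tlv(body, nxt)
        _, body, _ = _tlv(bitstr[1:])  # drop the unused-bits octet
        tag, first, _ = _tlv(body)
    if tag != 0x02:
        raise ValueError("no INTEGER modulus found")
    return int.from_bytes(first, "big").bit_length()

def audit_dkim_record(txt):  # return (status, modulus_bits) for one TXT value
    tags = dict(t.strip().split("=", 1) for t in txt.split(";") if "=" in t)
    tags = {k.strip().lower(): "".join(v.split()) for k, v in tags.items()}
    if not tags.get("p"):
        return ("revoked", 0)  # an empty p= means the key was withdrawn
    if tags.get("k", "rsa").lower() != "rsa":
        return ("not-rsa", 0)  # e.g. ed25519; the size rule here is RSA-only
    try:
        bits = rsa_modulus_bits(base64.b64decode(tags["p"]))
    except (ValueError, IndexError):
        return ("unparseable", 0)
    return ("weak" if bits < MIN_BITS else "ok", bits)

def _der(tag, val):  # minimal DER encoder, used only to build the samples
    n = len(val)
    k = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 128 else bytes([0x80 | k]) + n.to_bytes(k, "big")
    return bytes([tag]) + head + val

def sample_record(bits):  # constructed input: right-sized odd integer, not a real key
    modulus = b"\x00" + ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")
    ints = _der(0x02, modulus) + _der(0x02, b"\x01\x00\x01")
    alg = _der(0x30, bytes.fromhex("06092a864886f70d0101010500"))  # rsaEncryption
    spki = _der(0x30, alg + _der(0x03, b"\x00" + _der(0x30, ints)))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()

if __name__ == "__main__":
    print([audit_dkim_record(sample_record(b)) for b in (512, 1024, 2048)])
```

A "revoked" or "not-rsa" result is not a finding by itself; only "weak" records fall under the 1,024-bit rule the article describes.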