Arjen K. Lenstra (EPFL,
James
P. Hughes (Self,
Maxime Augier (EPFL,
Joppe W. Bos (EPFL,
Thorsten
Kleinjung (EPFL,
Christophe
Wachter (EPFL,
Abstract:
We performed a sanity check of public keys collected on the web and found
that the vast majority works as intended. Our main goal was to test the
validity of the assumption that different random choices are made each time
keys are generated. We found that this is not always the case, resulting in
public keys that offer no security. Our conclusion is that generating secure
public keys in the real world is challenging. We did not study usage of
public keys.