Phuctor Finds Seven Keys Produced With Null RNG, And Other Curiosities

Phuctor is a public service, operated by S.NSA. It catalogues extant RSA public keys which are known to be inexpensively breakable.[1]

Recently, Phuctor's algorithmic arsenal was expanded to include a search for perfect squares, which was then further generalized to Fermat's factorization method. A perfect square RSA modulus results from an ill-conceived, subverted, or otherwise catastrophically-broken key generator where a cryptographic prime P is created and immediately re-used verbatim, as prime Q. An RSA modulus factorable via Fermat's method contains two factors which are dangerously (i.e., cheaply-discoverably) close together. This typically results from a lulzimplementation of RSA where prime Q is generated by finding NextPrime(P), rather than independently.

The perfect square finder immediately yielded up a modulus which consisted merely of the square of the next prime following 2^1023. This type of RSA public modulus is consistent with a scenario where a PGP client is operated on a system containing a null-outputting RNG. This trivially-breakable modulus was found to occur in no fewer than seven RSA public keys, claiming the following user IDs:

  1. Mahmood Khadeer <mhkhadee AT>
  2. none <algemeenoptie2 AT>
  3. Godless Prayer <godless.prayer AT>
  4. john <john.k.pescador AT>
  5. Bjoern Schroedel <bjoern AT>
  6. Bjoern Schroedel <bjoern.schroedel AT>
  7. Nick Ruston <alliancemicro AT>

Mr. Pescador appears to be, or to have once been, an employee of the State of Hawaii, a curator of (archived), and — apparently — of an empty GitHub repository (archived). Mr. Khadeer is the President of the Muslim Association of Puget Sound (MAPS) in Redmond (archived), famous primarily for 'heartfelt condemnations' (archived) of this and that, published like clockwork for the past decade. Not much is publicly known about the other victims and/or perpetrators of brain-damaged cryptography in the above list.

The subsequent search for Fermat-factorable RSA moduli yielded exactly one additional result. This very peculiar PGP public key is suggestive of an aborted attempt at the development of a cross-site scripting (XSS) attack against PGP users who might decode the key and display its User ID field in certain WWW browsers.

Peace in our ctime();

  1. For the comedic gold let it be pointed out that prior to Phuctor's existence this kind of key simply did not exist, as per official truth. Nowadays they "obviously" do exist, but after the failure of embrace-extend-hijack attempts spearheaded by Hanno Böck, the deceitful shitbag they're simply "not interesting" as per the same official narrative ; and moreover, systematic causes for their existence still do not exist, at any rate not past "Cosmic Rays did it". Certainly the involvement of the usual array of inept USG agencies can not possibly be suspected. Isn't official nonsense ever so fascinating ? 

4 thoughts on “Phuctor Finds Seven Keys Produced With Null RNG, And Other Curiosities”

  1. Congrats to everyone involved on this remarkable find!

    I note in passing that though the pgp keys in question do not import into gpg, they can be imported in a couple javascript pgp-trons: and to produce messages which appear to be encrypted solely for the eyes of John the Fisherman and his unlikely friends. Messages thusly created will also be accessible to the saboteurs who created these keys.
