Members of the Google Security Team have published the Paranoid open library, designed to detect untrusted cryptographic artifacts such as public keys and digital signatures created in vulnerable hardware (HSM) and software systems. The code is written in Python and distributed under the Apache 2.0 license.
The project may be useful for indirectly assessing the use of algorithms and libraries that have known gaps and vulnerabilities that affect the reliability of generated keys and digital signatures, if the artifacts being checked are generated by hardware that is inaccessible for verification or closed components that are a black box. The library can also analyze sets of pseudo-random numbers for the reliability of their generator, and, using a large collection of artifacts, identify previously unknown problems that arise due to programming errors or the use of unreliable pseudo-random number generators.
When checking the contents of the public log CT (Certificate Transparency), which includes information about more than 7 billion certificates, using the proposed library, no problematic public keys based on elliptic curves (EC) and digital signatures based on the ECDSA algorithm were found, but problematic public keys were found on based on the RSA algorithm. In particular, 3586 keys were identified that were generated by the code with the unpatched vulnerability CVE-2008-0166 in the OpenSSL package for Debian, 2533 keys associated with the vulnerability CVE-2017-15361 in the Infineon library, and 1860 keys with the vulnerability associated with finding the largest common divisor (GCD). Information about the problematic certificates remaining in use was sent to certification centers for their revocation.
Source: opennet.ru