Redirecting you to
Podcast Aug 23, 2023

Root Causes 328: What Is the Debian Weak Key Flaw?

In 2008 the world of SSL was shocked by the discovery of a flaw in a popular operating system that limited the total set of possible private keys on this OS to about 32,000. We explain what happened, industry response, and its consequences.

  • Original Broadcast Date: August 23, 2023

Episode Transcript

Lightly edited for flow and brevity.

  • Tim Callan

    So this is going to be a way back in time, back in history episode. We want to talk about something that some people may have heard of, probably a lot of them haven't, that most of us probably don't remember very well, but at the time, it was a big deal and I think it was a precursor to some of the things to come. And we are talking of course about - not of course, you wouldn't know this - but we're talking about 2008’s Debian weak key flaw.

  • Jason Soroko

    That's when it was found and fixed. I think the bug was introduced as early as 2006. So, we're going back here quite a bit.

  • Tim Callan

    That's correct. The whole kerfluffle began in 2008. You're right. The bug had been in Debian for a couple years, in OpenSSL, in particular, in many, not all, but many branches of the Debian branch of Linux. And basically, there was a programming flaw that was discovered in OpenSSL and as a consequence, the total universe of keys, of private keys that you could generate was 32,768. That was it. You could only generate one of those. So if you got a key, any given key would look fine. Looks good. Looks random to me. But of course, it was one of a discrete and limited set of potential keys that could be generated. And though to a human being like you or me, that is a large number. To a computer, even a 2008 computer, that was not a very large number at all.

  • Jason Soroko

    Oh, heck no. That is a small number, for sure.

  • Tim Callan

    And so within a day, people had calculated and posted all of the potential keys. Within a couple of days, people had released toolkits you could use to very quickly search for these keys, certainly ostensibly, or at least, certainly to help IT teams find and eliminate them. But also, obviously, they could go into the other wrong hands and people could use these exact same tools to try to go find them and exploit them. And overnight, this went from nothing to a giant story and the OpenSSL flaw was fixed within like a week. I could look it up, but it wasn't very long. It was about that. But the keys lingered for decades. You still find them today.

  • Jason Soroko

    I'm not surprised at all.

  • Tim Callan

    And every one of those keys, if they're still out there, there's still one of these 32,768 known keys. Like it's just a very small universe and if you hit a random key, and you just wanted to see if you could hit it, if you had a little robot that just tried those, every once in a while, you're gonna get a hit. And that's that's now. That's in 2023. And back in the time, it was even worse, because that's in the era of long lived certificates. So this might have been the private key for a five year SSL certificate. So if I didn't swap my cert out, then for years later, somebody could still come and potentially exploit that particular vulnerability.

  • Jason Soroko

    I tell you, if we were podcasting back then Tim, that would have made the list.

  • Tim Callan

    And what's interesting about this is this is an early one. This is pre-Heartbleed. This is this is pre-Heartland. Like this was a very early major security flaw in the world of public SSL. And it was an eye opener at the time for a lot of people who kind of felt like this particular area of security was not really vulnerable. And at the time, there were a lot of people said, look, it's cryptographically secure, and RSA is great. And it's been mathematically proven, you can't break it, and it's all fine and I just don't need to worry about it. And that was that was a gee-whiz moment for a lot of people to say, okay, maybe all of this isn't as bullet proof and capable of just being ignored as I thought.

  • Jason Soroko

    Oh the things we've learned since then.

  • Tim Callan

    Exactly. Including other major OpenSSL flaws like Heartbleed. But that was a big one at the time. And so different CA’s took different postures. Some of them revoked the certs. Some of them wouldn't accept those keys for new certs. Some of them did nothing and all that stuff kind of coexisted in the world for quite a long time. And even to the point where I said, even now, today, if you could cruise through all of the keys, all the public keys available anywhere on the internet and sift it out, you would still find some of these. Even now.

  • Jason Soroko

    When you talk about Linux distributions, there are some that are so niche, they're often in these wild and wooly places, but Debian – it’s like just everywhere. Everywhere. And it’s the basis of just so many other it is the parent of so many other distributions that a lot of people have even forgot Debian is the center of it. And it really is. So, anyway, just amazing just how ubiquitous it is.

  • Tim Callan

    Exactly. So, this was just a little past. This is probably going to be a short episode, because there's not new news or anything here. But it's good to remember these things, right. And it's good to remember if it could have happened in the past, it can happen now. And the lessons we learn then we best not forget. And this was a big deal at the time.

  • Jason Soroko

    It certainly was. Like I say, if we were podcasting back then we definitely would have covered it. It would have been one of our bigger news items.

  • Tim Callan

    But if we were podcasting then we would have been major pioneers.

  • Jason Soroko

    That is true. That is true. We just didn't happen to be working at the same company at the time.

  • Tim Callan

    We didn't know each other. But other than that, yes. But anyway, that's all. Just wanted to share that with the listeners in case we don't remember that. It's a good thing to have in your history of public certificates in SSL and their world and what went on.

  • Jason Soroko

    There you go. Good reminder of things that have been in the past but have echoed so many times since.