About keylookup

RSA is a widely used public-key cryptosystem.
It is secure because it is difficult to retrieve the private key given only the public key.
Retrieving the private key requires factorizing the public key modulus and is also known as integer factorization.

In some rare cases, two key pairs can be randomly generated with a common factor.
This usually happens when the random number generator being used has a bad entropy source or is not properly seeded.

We collect RSA public keys from various sources and analyze whether any of those keys have common factors.
Latest results show that there is about 1 key pair out of 1300 whose security is compromised because it shares a common factor with another publicly available key pair.
Our public key database contains over 340 million unique RSA moduli. Testing new keys against our full dataset only takes minutes.

Vulnerable keys that we have identified come from gitlab.com SSH keys, PGP keys, HTTPS websites X.509 certificates and more sources.

For further and upcoming information regarding this study, see the Kudelski Security research blog.

Testing keys

Keylookup accepts X.509 certificates in PEM format, PGP keys in ASCII armored format and SSH keys in Openssh format.

Keys are tested for common factors and the ROCA vulnerability in case of RSA keys. We also perform sanity checks on other key types, including ECC key point on curve validation.

X.509 certificate example

-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIRAJ+Fv2ZLDN2vylCGeVAbK+QwDQYJKoZIhvcNAQELBQAw
XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO
MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy
MB4XDTE2MTAxMTAwMDAwMFoXDTE5MTAxMTIzNTk1OVowWzEhMB8GA1UECxMYRG9t
YWluIENvbnRyb2wgVmFsaWRhdGVkMSEwHwYDVQQLExhQb3NpdGl2ZVNTTCBNdWx0
aS1Eb21haW4xEzARBgNVBAMTCmtlcm5lbC5vcmcwggGiMA0GCSqGSIb3DQEBAQUA
A4IBjwAwggGKAoIBgQCxqy/HJ6O+92eAyTSb871SgeGnmof5O3s/VIHMy12aoLJn
+dFu/Q7POBewQcqKSHxL+nteAjuKqEKuTkqm4NvhxY/112cCfymXMwwpfkmNVcr6
orw4bCsjkvsWBrw/uZNhr8ghgkK9SaU7NMgusVJ0Fu9dOu+qDlN2CkqBBz+5Bvdk
nxkSX8GpkNRYvdeloZEUXmPaNpZs5Tau/U5so1oQAarUSEqrcdjriXfV3cGcweBn
5KUldlB26t54Do1wYLAenYo9x4SBiQ15C55xIQVqErQrgukXlBaTU3fVZNXziGul
d5Ql/bYMBuU0U9oF7M8nNoXMvQ8wJisDlPDM8kFiQeHbvR3TTimpUKpJT1axwwV1
U0q71rCSzeGqlcUJTVen76Y3MvldgcnitTqFaQHIz76jqxthr06cN8S36VvMKb+R
fF3IDK03qvvjdnrPGAsFQuXmoKlBV+zWtPsHsZ7MxDlL62yPxqh3ZO3/dxk7yrhi
IeF9Y5DolSkca8hpO2UCAwEAAaOCAeUwggHhMB8GA1UdIwQYMBaAFLOQp9jJr07N
YTyffK1df0H9aTDqMB0GA1UdDgQWBBSzPZhuYWFOGfHdcTYTXTuexlV59jAOBgNV
HQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwSwYDVR0gBEQwQjA2BgsrBgEEAbIxAQICGjAnMCUGCCsGAQUFBwIB
FhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMAgGBmeBDAECATBBBgNVHR8EOjA4
MDagNKAyhjBodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vR2FuZGlTdGFuZGFyZFNT
TENBMi5jcmwwcwYIKwYBBQUHAQEEZzBlMDwGCCsGAQUFBzAChjBodHRwOi8vY3J0
LnVzZXJ0cnVzdC5jb20vR2FuZGlTdGFuZGFyZFNTTENBMi5jcnQwJQYIKwYBBQUH
MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wXQYDVR0RBFYwVIIKa2VybmVs
Lm9yZ4ISYXJjaGl2ZS5rZXJuZWwub3Jngg5naXQua2VybmVsLm9yZ4ISbWlycm9y
cy5rZXJuZWwub3Jngg53d3cua2VybmVsLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEA
j4rwc5ecNh/sjPBNfPykgMMvCqlTtjvTtIOE4PRNn0C/lO6XFZdR23ze+OVcyAwM
Q2+sltel0i0XQ4ta75b+J7momrW4WCx0vWyGIi5VHrdMN4zqMlQ3DljJEyKbTT4u
GmATIN166ldJuu2grAmKAYA8hY6MD+2PSbgxLILTnqHsVHLEAvI81f1pLj1wNOW+
908gAan3FbNlaRNz6q+eQ1xhTVNaO3yJv8HooFifbEg/5oZcktXzKSMUmkgRUUsq
eEDxaDov7umHc+1dYxk2ooN2zKb9VoirAF0bh2s2UHUuJ6BAXtsBX0WdRiK9rsb+
QGEwGHMNc6oRvUYCvEWgKA==
-----END CERTIFICATE-----

PGP key example

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBE55CJIBCACkn+aOLmsaq1ejUcXCAOXkO3w7eiLqjR/ziTL2KZ30p7bxP8cT
UXvfM7fwE7EnqCCkji25x2xsoKXB8AlUswIEYUFCOupj2BOsVmJ/rKZW7fCvKTOK
+BguKjebDxNbgmif39bfSnHDWrW832f5HrYmZn7a/VySDQFdul8Gl/R6gs6PHJbg
jjt+K7Px6cQVMVNvY/VBWdvA1zckO/4h6gf3kWWZN+Wlq8wv/pxft8QzNFgweH9o
5bj4tnQ+wMCLCLiDsgEuVawoOAkg3dRMugIUoiKoBKw7b21q9Vjp4jezRvciC6Ys
4kGUSFG1ZjIn3MpY3f3xZ3yuYwrxQ8JcA7KTABEBAAG0JExpbnVzIFRvcnZhbGRz
IDx0b3J2YWxkc0BrZXJuZWwub3JnPokBTgQTAQgAOBYhBKuvEcZaKXCxMKvjxHm+
PkMAQRiGBQJaHxkTAhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEHm+PkMA
QRiGzMcH/ieyxrsHR0ng3pi+qy1/sLiTT4WEBN53+1FsGWdP6/DCD3sprFdWDkkB
Dfh9vPCVzPqX7siZMJxw3+wOfjNnGBRiGj7mTE/1XeXJHDwFRyBEVa/bY8ExLKbv
Bf+xpiWOg2Myj5RYaOUBFbOEtfTPob0FtvfZvK3PXkjODTHhDH7QJT2zNPivHG+E
R5VyF1yJEpl10rDTM91NhEeV0n4wpfZkgL8a3JSzo9H2AJX3y35+Dk9wtNge440Z
SVWAnjwxhBLX2R0LUszRhU925c0vP2l20eFncBmAT0NKpn7v9a670WHv45PluG+S
KKktf6b5/BtfqpC3eV58I6FEtSVpM1u5AQ0ETnkIkgEIAN+ybgD0IlgKRPJ3eksa
fd+KORseBWwxUy3GH0yAg/4jZCsfHZ7jpbRKzxNTKW1kE6ClSqehUsuXT5Vc1eh6
079erN3y+JNxl6zZPC9v+5GNyc28qSfNejt4wmwa/y86T7oQfgo77o8Gu/aO/xzO
jw7jSDDR3u9p/hFVtsqzptxZzvs3hVaiLS+0mar9qYZheaCUqOXOKVo38Vg5gkOh
MEwKvZs9x3fINU/t8ckxOHq6KiLap5Bq87XP0ZJsCaMBwdLYhOFxAiEVtlzwyo3D
vMplIahqqNELb71YDhpMq/Hu+42oR3pqASCPLfO/0GUSdAGXJVhv7L7ng02ETSBm
VOUAEQEAAYkBHwQYAQIACQUCTnkIkgIbDAAKCRB5vj5DAEEYhuobB/9Fi1GVG5qn
Pq14S0WKYEW3N891L37LaXmDh977r/j2dyZOoYIiV4rx6a6urhq9UbcgNw/ke01T
NM4y7EhW/lFnxJQXSMjdsXGcb9HwUevDk2FMV1h9gkHLlqRUlTpjVdQwTB9wMd4b
WhZsxybTnGh6o8dCwBEaGNsHsSBYO81OXrTE/fcZEgKCeKW2xdKRiazu6Mu5WLU6
gBy2nOc6oL2zKJZjACfllQzBx5+6z2N4Sj0JBOobz4RR2JLElMEckMbdqbIS+c+n
02ItMmCORgakf74k+TEbaZx3ZTVHnhvqQqanZz1i4I5IwHJxkUsYLddgYrylZH+M
wNDlB5u3I138
=RrrU
-----END PGP PUBLIC KEY BLOCK-----

SSH key example

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoQ9S7V+CufAgwoehnf2TqsJ9LTsu8pUA3FgpS2mdVwcMcTs++8P5sQcXHLtDmNLpWN4k7NQgxaY1oXy5e25x/4VhXaJXWEt3luSw+Phv/PB2+aGLvqCUirsLTAD2r7ieMhd/pcVf/HlhNUQgnO1mupdbDyqZoGD/uCcJiYav8i/V7nJWJouHA8yq31XS2yqXp9m3VC7UZZHzUsVJA9Us5YqF0hKYeaGruIHR2bwoDF9ZFMss5t6/pzxMljU/ccYwvvRDdI7WX4o4+zLuZ6RWvsU6LGbbb0pQdB72tlV41fSefwFsk4JRdKbyV3Xjf25pV4IXOTcqhy+4JTB/jXxrF