ANÁLISE DE CERTIFICADOS DIGITAIS EM DOMÍNIOS BRASILEIROS

Abstract

. We introduce a security requirement and its security assessment for an Internet protocol. Specifically, this work presents a verification of the RSA keys of digital certificates present in the Brazilian domains that use the HTTPS protocol. Such verification depends on randomness in the generation of prime numbers. We use Graph Theory concepts to get three results based on the data we collected from hundreds of millions of domains. In the first result, we performed an iteration on the certificates, generating hundreds of millions of veri-fications. Luckily, we show that HTTPS is safe from this attack. In the second, we show that many domains share the same cryptographic key. In the third, we show that only 1% of the certification authorities are relevant.