Research Article
The Prediction of Serial Number in OpenSSL’s X.509 Certificate
Algorithm 4
Guess the serial number.
Step 1: Attacker applies for a certificate to target CA and records the submitting time in seconds. | |
Step 2: Attacker receives the certificate, checks the time Tb of “not before” in certificate and the time Ta of “not after”, | |
and computes and . | |
Step 3: According to the Algorithms 1 and 2, attacker brutes force the every 100-nanosecond (for Windows) or every | |
microsecond (for Linux) in to find which time seed is used to generate the certificate (totally or ) | |
Step 4: Attacker selects a future time as the time of “not before” of the target forged certificate | |
Step 5: Attacker randomly selects a value of m, which satisfies the condition: | |
(for Windows XP) | |
(for Ubuntu) | |
Step 6: According to the Algorithms 1 and 2, attacker computes the candidate serial numbers | |
with the seed of (in seconds) and +100144m(in 100nanoseconds) or +1008m(in microseconds). | |
Step 7: Attacker uses the candidate serial numbers, as “not before”, and as “not after”, | |
to generate forged certificates according to the Stevens’s method [3]. | |
Step 8: Attacker submits the application at the time and get the signature of the certificate. |