Research · Cryptanalysis · 44.6 M certificates audited
Cryptanalytic audit of 44.6 million X.509 certificates collected via Certificate Transparency and active TLS probing. Four detectors (batch GCD, Fermat factorisation, Hidden Number Problem / lattice reduction, CA mis-issuance) run at corpus scale. Cryptographic risk has not disappeared — it has migrated into the firmware/IoT long tail, into voluntary key concentration at certain operators, and into time-handling design defects in embedded certificate generation code.
Under coordinated embargo
This research is undergoing coordinated disclosure with the affected vendors and operators. Public release scheduled for July 25, 2026.
Mode A — RSA migration into the IoT/firmware long tail: 47 distinct findings, RSA-2048 with e=17, 1040-bit moduli still observable in 2026
Mode B — Voluntary ECDSA key concentration: 25,105 certificates over 9 keys, including one cluster signing 18,866 certificates with a single key
Mode C — Lifetime design defects: 1,017 certificates with notAfter hard-coded to 2038-01-19 (INT_MAX of the signed 32-bit time_t)
Reproducible methodology (public CT logs + courteous TLS probing at 10–20 conn/s/port). Zero positive results on the CT-visible commercial estate: the failure has moved from the bottom to the top of the stack
Certificate Transparency · Courteous TLS probing (10–20 conn/s/port) · Batch GCD · Fermat factorisation · Hidden Number Problem · Reproducible
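A minimal sketch of how Modes B and C can be checked over an inventory of certificates. This is an added example, not the detector chain used for this research. The record layout, the cluster threshold and the sample data are constructed, and the code assumes the Mode C defect yields exactly 2^31-1 seconds (2038-01-19T03:14:07Z).

```python
import hashlib
from collections import defaultdict
from datetime import datetime, timezone

INT32_MAX = 2**31 - 1  # 2038-01-19T03:14:07Z, largest signed 32-bit time_t

def parse_x509_time(s):
    """Parse an RFC 5280 Time string (UTCTime or GeneralizedTime) to epoch seconds."""
    if len(s) == 13 and s.endswith("Z"):        # UTCTime: YYMMDDHHMMSSZ
        yy = int(s[:2])
        year = 1900 + yy if yy >= 50 else 2000 + yy   # RFC 5280 two-digit year pivot
        rest = s[2:12]
    elif len(s) == 15 and s.endswith("Z"):      # GeneralizedTime: YYYYMMDDHHMMSSZ
        year, rest = int(s[:4]), s[4:14]
    else:
        raise ValueError(f"unsupported Time encoding: {s!r}")
    dt = datetime(year, int(rest[0:2]), int(rest[2:4]), int(rest[4:6]),
                  int(rest[6:8]), int(rest[8:10]), tzinfo=timezone.utc)
    return int(dt.timestamp())

def audit(records, cluster_threshold=3):
    """records: iterable of (cert_id, spki_der_bytes, notAfter_string).

    Returns (ids whose notAfter equals INT32_MAX,
             {sha256(SPKI): [ids]} for keys shared by >= cluster_threshold certs).
    cluster_threshold is a hypothetical tuning knob, not a value from the research.
    """
    clamped, by_key = [], defaultdict(list)
    for cert_id, spki, not_after in records:
        if parse_x509_time(not_after) == INT32_MAX:
            clamped.append(cert_id)
        by_key[hashlib.sha256(spki).hexdigest()].append(cert_id)
    clusters = {k: v for k, v in by_key.items() if len(v) >= cluster_threshold}
    return clamped, clusters

# Constructed sample inventory; the SPKI values are placeholder bytes, not real keys.
KEY_A, KEY_B = b"constructed-spki-A", b"constructed-spki-B"
SAMPLE = [
    ("cert-1", KEY_A, "380119031407Z"),     # UTCTime, exactly INT32_MAX
    ("cert-2", KEY_A, "270601000000Z"),     # ordinary expiry
    ("cert-3", KEY_A, "20380119031407Z"),   # same instant, GeneralizedTime encoding
    ("cert-4", KEY_B, "380119000000Z"),     # same day, not the clamped second
    ("cert-5", KEY_B, "491231235959Z"),     # last instant UTCTime can express
]

if __name__ == "__main__":
    clamped, clusters = audit(SAMPLE)
    print("notAfter == INT32_MAX:", clamped)
    for fp, ids in clusters.items():
        print(f"key {fp[:16]} shared by {len(ids)} certificates: {ids}")
```
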
We operate a free, accountless public service that runs the same detector chain used for this research. Submit a hostname or upload a PEM certificate, get the report in seconds.
Run the audit at audit.zetacert.com