Factoring RSA Keys with Many Zeros

A new class of weak RSA keys, known as 'keys with lots of zeros', has been discovered in the wild. These keys are generated by certain software products, including CompleteFTP and NetApp. The vulnerabilities affect a small minority of hosts, but highlight the potential for similar bugs in other implementations. Engineers should be aware of these vulnerabilities and consider updating their software. The discovery also raises questions about the possibility of a deliberately designed backdoor.