An Empirical Analysis of RSA Common-Factor Vulnerabilities in Contemporary TLS Certificates from Latin America

Introduction: The security of RSA cryptographic systems critically depends on the proper generation of large prime numbers. Entropy failures during this process may cause different keys to share common prime factors, compromising private keys and exposing digital systems to cryptographic attacks.
Objective: To analyze whether the vulnerability associated with shared prime factors in RSA keys, reported in previous studies, persists in a contemporary context within TLS certificates linked to Latin American domains.
Method: A quantitative and computational approach was adopted, based on the cryptographic analysis of RSA public keys. A dataset of 1,444 valid RSA moduli was collected from TLS certificates associated with Latin American domains, using Certificate Transparency logs obtained through the crt.sh platform. Subsequently, an exhaustive pairwise greatest common divisor, GCD, computation was performed to identify possible shared prime factors among the analyzed moduli.
Results: The results showed no evidence of RSA moduli sharing non-trivial common factors within the sample analyzed. This indicates that the specific vulnerability reported in earlier studies, related to entropy failures and accidental reuse of prime factors, was not observed in the studied certificate set.
Conclusions: The findings suggest significant improvements in cryptographic key generation practices over the past decade, at least within the sample analyzed. However, the study highlights the importance of continuous cryptographic auditing to promptly detect potential weaknesses in digital security infrastructures.