CVE-2021-41117

8.7 HIGH

📋 TL;DR

The keypair library generates identical RSA keys due to flawed random number generation, particularly in Node.js environments. This allows attackers to guess private keys, potentially decrypting encrypted communications or gaining unauthorized access to systems using these keys. Anyone using the keypair library to generate RSA keys for SSH, TLS, or other cryptographic purposes is affected.

💻 Affected Systems

Products:
  • keypair library
Versions: All versions prior to 1.0.4
Operating Systems: All platforms running Node.js or browser environments
Default Config Vulnerable: ⚠️ Yes
Notes: Node.js environments are particularly vulnerable due to the flawed CSPRNG fallback path. Browser environments using window.crypto.getRandomValues() are less affected but still use insecure fallbacks.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of encrypted communications, unauthorized access to all systems using affected keys, and impersonation of legitimate users or services.

🟠 Likely Case

Attackers can generate duplicate private keys to access SSH servers, decrypt TLS sessions, or forge digital signatures where vulnerable keys are used.

🟢 If Mitigated

If keys are regenerated with proper CSPRNG and old keys are revoked, impact is limited to potential historical data exposure.

🌐 Internet-Facing: HIGH - Internet-facing services using vulnerable keys for SSH, TLS, or authentication are directly exposed to key guessing attacks.
🏢 Internal Only: HIGH - Internal systems using vulnerable keys for authentication or encryption are equally vulnerable to compromise.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability allows deterministic key generation, making exploitation straightforward. Public proof-of-concept demonstrates generating duplicate keys.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.4

Vendor Advisory: https://github.com/juliangruber/keypair/security/advisories/GHSA-3f99-hvg4-qjwj

Restart Required: No

Instructions:

1. Update keypair to version 1.0.4 or later using npm: npm update keypair.
2. Regenerate all RSA keys created with vulnerable versions.
3. Replace old keys in all systems (SSH, TLS certificates, etc.).

🔧 Temporary Workarounds

Use alternative key generation

all

Replace keypair with secure alternatives like Node.js crypto module or OpenSSL for key generation.

npm uninstall keypair
npm install openssl-wrapper (or use native crypto)

🧯 If You Can't Patch

  • Immediately regenerate all RSA keys using a secure CSPRNG (e.g., Node.js crypto.randomBytes or OpenSSL) and replace them in all systems.
  • Monitor for unauthorized access attempts on systems using potentially vulnerable keys and implement additional authentication layers.

🔍 How to Verify

Check if Vulnerable:

Check package.json for keypair version <1.0.4 or run: npm list keypair | grep keypair

Check Version:

npm list keypair | grep keypair

Verify Fix Applied:

Confirm keypair version is 1.0.4 or higher: npm list keypair. Verify new keys are generated using secure methods.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts with different keys, unusual SSH or TLS connection patterns

Network Indicators:

  • Suspicious traffic patterns suggesting key compromise, unexpected successful authentications

SIEM Query:

Search for authentication events from unexpected sources or repeated failed attempts followed by success.
