In a study examining the SPF, DKIM, and DMARC records of the top 1M websites, over 1,700 DKIM keys shorter than 1,024 bits were found: although such keys are deprecated, they are still published and still pose a security risk. The researchers then cracked one of these keys using a cloud server and open-source tools. The process involved factorizing the RSA modulus, constructing the corresponding private key, and running DKIM verification tests with the recovered redfin.com key. Surprisingly, Yahoo Mail, Mailfence, and Tuta accepted signatures made with the cracked key as DKIM-valid, indicating that stricter enforcement of RSA key length is needed on the verifying side as well. The study urges domain owners and email providers to adhere to the 1,024-bit minimum standard to prevent such vulnerabilities.
https://dmarcchecker.app/articles/crack-512-bit-dkim-rsa-key
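A defender-side audit of the key-length problem the study describes, added here as an example (it is not code from the article or from dmarcchecker.app): it parses a DKIM TXT record, decodes the RSA public key and flags any modulus below 1,024 bits. The sample records are constructed from placeholder moduli of the wanted size, not real keys, since only the modulus length matters to the check.

```python
import base64
import re

MIN_DKIM_BITS = 1024  # the 1,024-bit floor the study urges (RFC 8301 minimum)

def _der_read(buf, pos):
    """Read one DER TLV at pos; return (tag, value_bytes, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                              # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(spki_der):
    """Modulus size in bits from a DER SubjectPublicKeyInfo (what DKIM p= carries)."""
    _, spki, _ = _der_read(spki_der, 0)            # outer SEQUENCE
    _, _, pos = _der_read(spki, 0)                 # AlgorithmIdentifier, skipped
    _, bitstr, _ = _der_read(spki, pos)            # BIT STRING wrapping RSAPublicKey
    _, rsa_pub, _ = _der_read(bitstr[1:], 0)       # drop unused-bits byte, read SEQUENCE
    _, n_bytes, _ = _der_read(rsa_pub, 0)          # INTEGER n (modulus)
    return int.from_bytes(n_bytes, "big").bit_length()

def audit_dkim_record(txt):
    """Return (modulus_bits, verdict) for one DKIM TXT record."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip()] = v.strip()
    if tags.get("k", "rsa") != "rsa":
        return None, "not-rsa"                     # e.g. ed25519: nothing to measure
    p = re.sub(r"\s+", "", tags.get("p", ""))      # join split quoted strings
    if not p:
        return None, "revoked"                     # empty p= means the key is revoked
    bits = rsa_modulus_bits(base64.b64decode(p))
    return bits, ("weak" if bits < MIN_DKIM_BITS else "ok")

# --- constructed sample records (placeholder moduli, not real RSA keys) ---
def _der_tlv(tag, value):
    if len(value) < 128:
        return bytes([tag, len(value)]) + value
    lb = len(value).to_bytes((len(value).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value

def _der_int(i):
    b = i.to_bytes((i.bit_length() + 7) // 8, "big")
    return _der_tlv(0x02, (b"\x00" + b) if b[0] & 0x80 else b)

def make_dkim_record(n, e=65537):
    rsa_pub = _der_tlv(0x30, _der_int(n) + _der_int(e))
    alg = _der_tlv(0x30, _der_tlv(0x06, bytes.fromhex("2a864886f70d010101")) + b"\x05\x00")
    spki = _der_tlv(0x30, alg + _der_tlv(0x03, b"\x00" + rsa_pub))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()

if __name__ == "__main__":
    for rec in (make_dkim_record((1 << 511) | 1), make_dkim_record((1 << 2047) | 1)):
        print(audit_dkim_record(rec))              # (512, 'weak') then (2048, 'ok')
```

In practice the record comes from a DNS TXT lookup of `<selector>._domainkey.<domain>`; feed the concatenated string to `audit_dkim_record` and treat any "weak" verdict as a key to rotate.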