Public key cryptography underpins core internet protocols, yet real-world deployments continue to rely on weak, leaked or improperly generated keys. Long-standing implementation flaws, example keys copied into production and historical vulnerabilities that never fully disappeared contribute to systemic risk across modern infrastructure.

Automated discovery and analysis of cryptographic keys across protocols reveal how configuration shortcuts, legacy software behavior and ambiguous specifications undermine trust models at scale. Examining keys used in email authentication, DNS integrity, device firmware and identity federation shows how failures propagate silently and remain exploitable years after disclosure.

In this session, led by Hanno Böck, freelance journalist, you will learn:

• How flawed key generation and reused example keys persist in production systems;
• Protocol-specific risks in DKIM, DNSSEC and OpenID Connect deployments;
• Automated methods for detecting vulnerable RSA and elliptic curve keys that remain exploitable despite historical disclosure.