Skip to content

RSA Private Key

Service Name: Generic RSA Private Key

Service Description: RSA (Rivest–Shamir–Adleman) is a public-key cryptosystem widely used for secure data transmission. A private key is used to decrypt data encrypted with the corresponding public key and to create digital signatures.

Service Address: Not applicable - RSA is a cryptographic algorithm, not a specific service

Validation Type: NHI Enriched

IP Allow list: Does not exist

Secret Access Scope: Grants the ability to decrypt data encrypted with the corresponding public key, sign data that can be verified with the public key, and potentially authenticate to systems that use this key pair for authentication.

Secret Revokement URL: Does not exist (depends on where the key is being used)

Secret Example:

-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA1DSJ5NCOo8YXJIJgQHvC8vkYnK8OZYaY7h3BT6ZCwKJNJOz0
xRlw7bHI7Ij5VvqXBGYbW5tLqPHrDXmQmGnMUZwU+ZSxFjT6XMp1JIjOj4IVJmWU
Hs/GvKvfG/Dj4WDWfXJIQmOmrMWIgW8vREe8j6MZOH6JJzNdILmxHFYuZ2f7xFIB
MxVCewgB15UprkEy2H+Wt8YUBvj0v7h0B5InqWQyGAQEj+KjnL8wb6Qe3UJx3GXd
qV4GYOzYBALJxxw5JWkO3UBjYqFJ0jc0R0qf3lmMJf1CiTvCQRjCQf8D+E0eIJCj
VDfnWd0B+lfJRJ/JEXVPqzSJYRn4JxNn5qkTHQIDAQABAoIBAQCyX5w3PtZQjrSW
9JYQqG8TnAG5Vftyvna9TnEBPSXxgcLrIW3FZYwHUJPJQj3kiTxJJfLwox9AzFn8
MXzKkRWYecoMHHJfwG0k/1VrwVD0sFKLfJ2/b+jIQu9R4wPiABTPvTNxRYZYCjQq
9BAqz4H9l6C9lHJY5qHyPEzJuUhCQQE5xJEn+ykKqY9D0KJJ8hVIuxZbQDKJnb2Q
ZLSD+K4VgiFPKFOLvCz+9MLptGQYqIGGVgE0JW+9L5Ui6mCZ6K4yFb9d5FS0Vl7Y
XSQZ8xSC4yaSUEr8TDI+JlViLNdWZP8Hbk8JpIQU2CRGjbN+JHXhh95QnrUVRGBM
y6SG7TwBAoGBAP/Eo3bGJGKvHYYE82I+YounJUHHQKpwY3MxQDYhEIJCjl+WTiKo
K5QjTf9/8YGlYGp305L2VIKiOY5YwgEHpJYtav+GGGzUcAFsYZ8j8elQz3dcnIwZ
wVu4OYCVPfQoUJiWYaXPP/yMZ6LUKPqhA5gyYYE33zDEVW6JJfqBdX0NAoGBANRE
Eu3ZSxZ6CciYRcM8LM5BkCmAB13pQei9UMmgZDHbahXPjXVdLGWKu6TfQo8KiZZF
3NxDUYxzVgQBPWdXcJZIlEEDUUfCzVRIByPXD8+jeKK+HS/RKGQVzCnTOMAJJLLW
sYHbVFOYkJWcXUMjYQVS0vDVf4V/YZbDMQXtKYnBAoGBAOxQJOXDZiXzfu8nGBrW
6TvzwJGQjmPlfEkMYiLJMMXdP7dCZFCqYdRgE+jQKtBBmwl4SEjbeLpKGY8DbGbf
CuD4E/SJxZIibUEqCCJJQOWzDH9qwwdGMFdWC5lxvfDMFLZ3eKOmXbCsIGxCrz8T
+9PL8eCpZjzEqyHEY4UGCGvNAoGAMqbl9hF+1zcgdI9fmuDtGZgIQ0cCQ4n9hEMs
0qU7L0MS+lIQxFcIKCnN98j3PwcbZ5jTtOxJQrQi2gcXvWrDKzQXQGx2fgWHVZj5
JL4PnYf/Jt7Xv5QipAJALW7GGKDYEOvkq5MbMfgEZGXjROqfXYGLOzXxCn3Ihtxp
J0XJhAECgYBJQn0/5+LXjGYrDIx6e8ZbxNxCZpRhUe2xYYt+EYU9m9/vtGZVPBFf
+HfgTnH1N0bJ3c9EfyYWtqOFMrOYwNGG19KjCp5FsLyEYJ2bE/UjQOx4CU9LqrOr
h9zgRzSjk5idsGPxqFc2hFPFiJXQXEeA3RbvN8ArYLTKI8EhgCQjdw==
-----END RSA PRIVATE KEY-----

Suspicious Activity Investigation Instructions:

  • Check logs for unauthorized access to systems where this key is used

  • Review access logs for the corresponding public key certificate

  • Check for any unauthorized file transfers or data exfiltration

  • Look for unusual authentication attempts using this key

  • Verify if the key has been used in unexpected locations or at unusual times

  • Check for any digital signatures created with this key that you did not authorize

Mitigation Instructions:

  • Generate a new RSA key pair immediately

  • Revoke and replace the compromised key in all systems where it was used

  • Update all certificates that used the compromised key

  • Rotate any credentials or secrets that were protected by this key

  • Update configurations in all systems that used this key for authentication

  • If the key was used for code signing, re-sign all code with the new key

  • If the key was used for SSH access, update authorized_keys files on all servers

  • Consider implementing hardware security modules (HSMs) for better key protection

  • Review key management practices and implement stronger access controls