Sunday, February 10, 2019

Watch out: another cryptographic attack can break encrypted TLS traffic (including TLS 1.3). It's a variation of the original Bleichenbacher oracle attack.



The good news is that updated versions of all the affected libraries were published concurrently in November 2018, when the researchers published an initial draft of their research paper.

The attack leverages a side-channel leak via the cache access timings of these implementations in order to break the RSA key exchanges of TLS implementations.


The reason for all these attack variations is that the authors of the TLS encryption protocol decided to add countermeasures to make attempts to guess the RSA decryption key harder, instead of replacing the insecure RSA algorithm.


https://www.zdnet.com/article/new-tls-encryption-busting-attack-also-impacts-the-newer-tls-1-3/
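
A check a defender might run over a server's configured cipher suite list, as an added example (not from the original post or the linked article): it flags suites that use RSA key exchange, the part of TLS the post says the attack targets. The suite list is constructed, and the rule for OpenSSL-style names (no key-exchange prefix means RSA key exchange) is a naming heuristic assumed here.

```python
# Flag TLS cipher suites that use RSA key exchange (RSA-encrypted premaster secret).
# Handles IANA names (TLS_<KX>_WITH_<cipher>) and OpenSSL names (ECDHE-RSA-...).

# Constructed sample: names as a scanner report or server config might list them.
SAMPLE_SUITES = [
    "TLS_AES_128_GCM_SHA256",                   # TLS 1.3 suite (no _WITH_ part)
    "ECDHE-RSA-AES128-GCM-SHA256",              # RSA only signs; key exchange is ECDHE
    "AES128-GCM-SHA256",                        # OpenSSL name, RSA key exchange
    "TLS_RSA_WITH_AES_256_CBC_SHA",             # IANA name, RSA key exchange
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "DHE-RSA-AES256-SHA",
    "RSA-PSK-AES128-CBC-SHA",                   # PSK plus RSA-encrypted premaster
    "DES-CBC3-SHA",                             # legacy, RSA key exchange
]

# Assumption: OpenSSL-style names that begin with one of these tokens use a
# key exchange other than RSA encryption. Other vendor prefixes are not covered.
NON_RSA_PREFIXES = {"ECDHE", "DHE", "EDH", "ADH", "AECDH",
                    "ECDH", "DH", "PSK", "SRP", "KRB5"}


def uses_rsa_key_exchange(name: str) -> bool:
    """Return True if the suite name indicates RSA key exchange."""
    if name.startswith("TLS_"):
        if "_WITH_" not in name:
            return False                        # TLS 1.3 suites carry no key exchange
        kx = name[len("TLS_"):].split("_WITH_", 1)[0]
        return kx.split("_")[0] == "RSA"        # RSA, RSA_EXPORT, RSA_PSK
    tokens = name.split("-")
    if tokens[0].startswith("EXP") and len(tokens) > 1:
        tokens = tokens[1:]                     # drop the export-grade marker
    return tokens[0] not in NON_RSA_PREFIXES


def audit(suites):
    """Return the suites from the list that rely on RSA key exchange."""
    return [s for s in suites if uses_rsa_key_exchange(s)]


if __name__ == "__main__":
    for suite in audit(SAMPLE_SUITES):
        print("RSA key exchange:", suite)
```
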


