Return Of Bleichenbacher Oracle Threat [ROBOT]

ROBOT – Return Of Bleichenbacher Oracle Threat, is an attack model based on Daniel Bleichenbacher chosen-ciphertext attack. Bleichenbacher discovered an adaptive-chosen ciphertext attack against protocols using RSA, he demonstrated the ability to perform RSA private-key operations.  Researchers have been able to exploit the same vulnerability with small variations to the Bleichenbacher attack. Attack Model PKCS #1 v1.5 … Continue reading “Return Of Bleichenbacher Oracle Threat [ROBOT]”

ROCA: Vulnerable RSA Key Generation [CVE-2017-15361]

The RSA keys generated using libraries from Infineon Technologies are vulnerable to practical factorization. An attacker can calculate the private key based on the structure of the generated primes. The issue affects key sizes 1204 bits and 2048 bits. The attack has been named ROCA: “Return Of Coppersmith’s Attack” and is assigned CVE-2017-15361. Coppersmith’s attacks are … Continue reading “ROCA: Vulnerable RSA Key Generation [CVE-2017-15361]”