Difference between revisions of "Bleichenbacher Attack"
Jump to navigation
Jump to search
Line 6: | Line 6: | ||
There are a couple things which are needed for an effective Bleichenbacher Attack. Basically this attack works with RSA PKCS 1.5 but there is one important requirement: a Bleichenbacher Oracle. | There are a couple things which are needed for an effective Bleichenbacher Attack. Basically this attack works with RSA PKCS 1.5 but there is one important requirement: a Bleichenbacher Oracle. | ||
Such an oracle answers repeated questions concerning the validity of an PKCS paket. To create such an oracle there are basically three ways: | Such an oracle is a target system which answers repeated questions concerning the validity of an PKCS paket. To create such an oracle there are basically three ways: | ||
* | * Plain Envryption: if implementation is without signature, the target system will only check the validity of the PKCS paket and sending an error message if the paket is invalid | ||
* Detailed Error Messages: if encryption and signature is applied, but the target system generates specific eroors regarding the validity of an pkcs paket | |||
*Timing Attack: if encryption and signature is applied in a proper way, you can still check the time between responses to generate a side channel regarding the validity of the paket | |||
== Affected Protocols == | == Affected Protocols == |
Revision as of 18:44, 21 December 2020
Description
Description what this documentation is about
Requirements
There are a couple things which are needed for an effective Bleichenbacher Attack. Basically this attack works with RSA PKCS 1.5 but there is one important requirement: a Bleichenbacher Oracle. Such an oracle is a target system which answers repeated questions concerning the validity of an PKCS paket. To create such an oracle there are basically three ways:
- Plain Envryption: if implementation is without signature, the target system will only check the validity of the PKCS paket and sending an error message if the paket is invalid
- Detailed Error Messages: if encryption and signature is applied, but the target system generates specific eroors regarding the validity of an pkcs paket
- Timing Attack: if encryption and signature is applied in a proper way, you can still check the time between responses to generate a side channel regarding the validity of the paket