Raccoon Attack - Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

Raccoon Attack - Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

TheIACR via YouTube Direct link

So.... no Side-Channel?

18 of 26

18 of 26

So.... no Side-Channel?

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Raccoon Attack - Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 TLS-DH(E)
  3. 3 Constant Time Execution
  4. 4 Attack Overview
  5. 5 Retrieving the PMS
  6. 6 Key Derivation in TLS
  7. 7 Merkle-Damgård-Construction
  8. 8 Hashfunction Performance (expectation)
  9. 9 SSL 3 Key Derivation
  10. 10 TLS 1.0/1.1 PRF
  11. 11 HMAC in the PRF
  12. 12 Attacker can choose Hash Functions
  13. 13 Measurement Errors
  14. 14 Special Timing Measurement Equipment
  15. 15 Direct Raccoon + Non-Determinism
  16. 16 Impact
  17. 17 Countermeasure
  18. 18 So.... no Side-Channel?
  19. 19 Raccoon and ECDH(E)
  20. 20 Raccoon and TLS 1.3
  21. 21 Raccoon and eTLS/ETS
  22. 22 Why the mess?
  23. 23 Raccoon & DH(E) Proofs
  24. 24 PRF-ODH Assumption
  25. 25 Raccoon and other Protocols
  26. 26 Conclusion

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.