Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

A Decade After Bleichenbacher '06, RSA Signature Forgery Still Works

Black Hat via YouTube

Overview

Explore a Black Hat conference talk that delves into RSA signature forgery vulnerabilities persisting a decade after Bleichenbacher's 2006 attack. Learn about the researchers' use of dynamic symbolic execution to analyze signature verification logic across various implementations, resulting in 6 new CVEs. Discover the systematic approach used to uncover these flaws, including the release of a toolchain and relevant artifacts. Gain insights into why such vulnerabilities continue to exist and how to prevent similar mistakes in the future. Follow the presentation's structure, covering topics from textbook RSA signatures to PKCS#1 v1.5 Signature Scheme, Bleichenbacher's low exponent attack, and specific case studies involving Openswan and strongSwan implementations.

Syllabus

Intro
Textbook RSA signature
Beyond textbook RSA
PKCS#1 v1.5 Signature Scheme
Bleichenbacher's low exponent attack
A little brain teaser
Why was the attack possible?
To find these attacks
Automatically generate concolic test cases
Testing with Symbolic Execution
Implementations Tested
Leniency in Openswan 2.6.50
New unit test in Openswan
Leniency in strongSwan 5.6.3
strongSwan Security Update
Lessons Learned

Taught by

Black Hat

Reviews

Start your review of A Decade After Bleichenbacher '06, RSA Signature Forgery Still Works

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.