Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Raccoon Attack - Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

TheIACR via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the intricacies of the Raccoon Attack, a cryptographic vulnerability affecting TLS-DH(E), in this conference talk delivered by Robert Merget at the Workshop on Attacks in Cryptography during Crypto 2021. Delve into the fundamentals of TLS-DH(E) and constant time execution before examining the attack's methodology for retrieving the PMS (Pre-Master Secret). Analyze key derivation processes in TLS, including the Merkle-Damgård construction and hashfunction performance expectations. Investigate SSL 3 key derivation, TLS 1.0/1.1 PRF, and the role of HMAC in the PRF. Learn about measurement errors, special timing measurement equipment, and the challenges of direct Raccoon attacks with non-determinism. Assess the impact of the Raccoon Attack and explore potential countermeasures. Extend the discussion to Raccoon's implications for ECDH(E), TLS 1.3, and eTLS/ETS. Examine the underlying reasons for these vulnerabilities and their relation to the PRF-ODH assumption. Conclude by considering Raccoon's potential effects on other protocols, gaining a comprehensive understanding of this significant cryptographic exploit.

Syllabus

Intro
TLS-DH(E)
Constant Time Execution
Attack Overview
Retrieving the PMS
Key Derivation in TLS
Merkle-Damgård-Construction
Hashfunction Performance (expectation)
SSL 3 Key Derivation
TLS 1.0/1.1 PRF
HMAC in the PRF
Attacker can choose Hash Functions
Measurement Errors
Special Timing Measurement Equipment
Direct Raccoon + Non-Determinism
Impact
Countermeasure
So.... no Side-Channel?
Raccoon and ECDH(E)
Raccoon and TLS 1.3
Raccoon and eTLS/ETS
Why the mess?
Raccoon & DH(E) Proofs
PRF-ODH Assumption
Raccoon and other Protocols
Conclusion

Taught by

TheIACR

Reviews

Start your review of Raccoon Attack - Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.