Return of Bleichenbacher's Oracle Threat (ROBOT) presented at blackhatUSA2018 2018

by Craig Young, Hanno Böck,

Summary : With a 19 year old vulnerability, we were able to sign a message with the private key of Facebook. We'll show how we found one of the oldest TLS vulnerabilities in products of 10 different vendors and how we practically exploited it on famous sites. We'll also discuss how the countermeasures introduced back in TLS 1.0 and expanded over the years failed to prevent this and why RSA PKCS #1 v1.5 encryption should be deprecated. Finally, we'll present what related problems are still present and unfixed in many popular TLS libraries.