Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks

@inproceedings{Meyer2014RevisitingSI,
  title={Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks},
  author={Christopher Meyer and Juraj Somorovsky and Eugen Weiss and J{\"o}rg Schwenk and Sebastian Schinzel and Erik Tews},
  booktitle={USENIX Security Symposium},
  year={2014}
}
As a countermeasure against the famous Bleichenbacher attack on RSA based ciphersuites, all TLS RFCs starting from RFC 2246 (TLS 1.0) propose “to treat incorrectly formatted messages in a manner indistinguishable from correctly formatted RSA blocks”. In this paper we show that this objective has not been achieved yet (cf. Table 1): We present four new Bleichenbacher side channels, and three successful Bleichenbacher attacks against the Java Secure Socket Extension (JSSE) SSL/TLS implementation… CONTINUE READING
Highly Cited
This paper has 49 citations. REVIEW CITATIONS

Topics

Statistics

01020201620172018
Citations per Year

Citation Velocity: 13

Averaging 13 citations per year over the last 3 years.

Learn more about how we calculate this metric in our FAQ.