087 – Bleichenbacher's Oracle: How to break RSA + PKCS #1 v1.5

Description

In this video I explain a famous cryptographic attack known as Bleichenbacher’s oracle, found in 1998 by Daniel Bleichenbacher. It targets vulnerable implementations of RSA encryption that use the padding standard known as PKCS #1 v1.5 and expose a cryptographic padding oracle.


Timestamps

00:00:00 introduction
00:06:30 brief recap of TLS and TLS handshake
00:11:15 brief recap on RSA
00:14:28 on the malleability of RSA
00:16:15 textbook RSA does not work
00:17:30 on the padding scheme PKCS #1 v1.5
00:21:48 what does it mean to have a Bleichenbacher’s oracle?
00:25:39 overview of Bleichenbacher’s attack
00:30:08 on the consequences of PKCS #1 v1.5
00:33:27 start of decryption algorithm
00:35:35 step 1: search for next s_i
00:38:37 step 2: construction of M_i
00:56:11 step 2: code
00:57:30 after the step 2
00:58:50 classical optimization #1
01:02:30 classical optimization #2
01:08:15 further optimizations
01:09:00 the missing step
01:09:50 references
01:10:10 offline implementation in Python


References / Material

https://academy.leonardotamiano.xyz/video/HgrwrDMvRTI.html
https://archive.leonardotamiano.xyz/yt/crypto/01/

https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/Experimenting%20with%20the%20Bleichenbacher%20Attack%20-%20Livia%20Capol.pdf

http://secgroup.dais.unive.it/wp-content/uploads/2012/11/Practical-Padding-Oracle-Attacks-on-RSA.html#eq1