GDT Webinar Series – How to Fail at Security? Reserve Your Spot
Contact

Bleichenbacher—the man, the legend, the TLS attack

  • GDT
  • February 11, 2019
Bleichenbacher attack

According to a technical paper published by a team of academics, there’s a new cryptographic attack lurking. It allows attackers to intercept data believed to be secure through TLS (Transport Layer Security), which provides authentication encryption between network devices. The researchers who identified it have dubbed it ROBOT, an acronym for Return of Bleichenbacher’s Oracle Threat.

Technically, it’s not really new

As is often the case, attackers, who often lack creativity, ingenuity, or both, borrow from previously and successfully launched evil. In this particular case, the miscreants filched from the Bleichenbacher attack, which was launched last century (1998) and victimized SSL servers. In it, the attackers sent encrypted text, known as ciphertext, to be decrypted. The decrypted results they got back picked subsequent ciphertexts, and so on, and so on…

The attacker performs decryption through RSA, which is a key-exchange algorithm utilized by TLS and its predecessor, SSL (Secure Socket Layer). Along with key-exchange algorithms, TLS and SSL utilize symmetric-key algorithms, which are faster than their counterpart, but not quite on an encryption par. The key-exchange algorithms help determine the symmetric keys to use during a TLS or SSL session. Key-exchange algorithms are like a mediator who determines whether you’d like to converse with somebody, even though both of you speak a range of languages. Once you both agree that a conversation is merited, symmetric keys represent the language in which you’d both like to converse. The symmetric keys are created for agreed upon encryption and decryption, including any detected tampering.

Before you go hating on the name Bleichenbacher, (his Christian name Daniel) know that he is one (1) of the good guys. He is the erstwhile Bell Labs researcher who discovered the attack over two (2) decades ago.

These latest plagiarists come from a long line of scoundrels, though. There have been over ten (10) attacks that borrowed from the original Bleichenbacher attack. They were all effective to some degree, hence the imitations.

Here’s why it’s working

The authors of the TLS protocol had their hearts in the right place, but their retrofitted measures to make guessing the RSA decryption key more difficult have fallen short. Essentially, they’ve patched worn tires instead of buying new ones. What was needed was the replacement of the insecure RSA algorithm. Now, instead, many TSL-capable routers, servers, firewall and VPNs are still vulnerable.

The hits just keep coming

Not to be a downer, but it’s important to note that this latest attack works against Google’s new QUIC encryption protocol. And how’s this for irony? Google is Daniel Bleichenbacher’s current employer.

 Security Experts with the answers

To find out how to secure your organization’s network and protect its mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

Author

Share this article

You might also like:

See All

GDT Security VP on Leveraging AI & Machine Learning in Cybersecurity

As the head of GDT’s security practice and an industry veteran, Jeanne Malone and her team help customers worldwide advance their cybersecurity posture. One of the biggest cybersecurity game-changers is artificial intelligence (AI). We asked Jeanne to weigh in on leveraging AI and machine learning in cybersecurity to improve intrusion

Guard Against the “Elite Eight” Cybersecurity Threats of 2024

NCAA basketball coaching legend Bobby Knight once said: “Good basketball always starts with a good defense.” Winning teams understand their opponents’ strengths and weaknesses, as well as their own. They study their opponents’ plays and anticipate their next moves. The same concept is true for cybersecurity, which is why, at

Newly Launched GDT NaaS, Powered by Juniper Offers Modern Approach to Networking

Dallas, Texas, January 31, 2024 – General Datatech (GDT), a leading global IT services provider, has worked with Juniper Networks to launch GDT Network as a Service (NaaS), Powered by Juniper. This modern networking approach simplifies network design, implementation, and management by delivering a flexible, subscription-based option to access the industry’s

Stay up-to-date with the industry

Fill out the form and get started!

GDT needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Privacy Policy.

GDT Innovation Campus | 999 Metromedia Place Dallas, TX 75247 | 214.857.6100

Stay up to date

Copyright © 2019-2024 General Datatech, LP. All rights reserved. GDT names and logos are trademarks, or trademarks Reg. U.S. Pat. & TM Office, of General Datatech, LP and/or its affiliates in the U.S. and other countries. Third-party trademarks mentioned or reflected herein are the property of their respective owners. Additionally, the use of the word “partner” does not imply a legal partnership relationship between GDT and any other company.

Connect with us

Copyright © 2019-2024 General Datatech, LP. All rights reserved. GDT names and logos are trademarks, or trademarks Reg. U.S. Pat. & TM Office, of General Datatech, LP and/or its affiliates in the U.S. and other countries. Third-party trademarks mentioned or reflected herein are the property of their respective owners. Additionally, the use of the word “partner” does not imply a legal partnership relationship between GDT and any other company.