RSA Signature Forgery Explained (with Nate Lawson) - Wrapup
Nate | September 29th, 2006 | Filed Under: Defenses, Guests, New Findings, Uncategorized
«Previous: Attacks on Other Algorithms | [Top][]
If you missed out on the analysis of RSA and other public key implementation security, here’s a summary of all that we covered.
- Introduction and impact of RSA padding verification flaw
- Why public key crypto is so vulnerable to implementation flaws
- How the exploit works for vulnerable RSA implementations
- How to fix the problem properly and a wishful analysis of how the repair process might have been
- Other ways to screw up RSA verification as seen in other systems
- Implementation flaws for EC, Diffie-Hellman, SRP, and other public key systems
Footnote: why RSA-PSS is not a panacea
We hope you enjoyed the series and learned something about the many ways public key crypto can fail if not implemented perfectly. If you are thinking about implementing your own public key crypto, think again. If you’re responsible for maintaining existing libraries (or a security researcher), there are plenty out there still vulnerable to the flaws we described. Please change that!
Sincerely,
Nate and Tom
Matasano Chargen » RSA Signature Forgery Explained (with Nate Lawson) - Part VI
October 20th, 2006 1:23 pm[…] «Previous: Eight Other Attacks | [Top][] | Next: Conclusion» […]
Matasano Chargen » Public Key Signature Forgery: Collected
October 20th, 2006 1:47 pm[…] Conclusion […]
Donnie Brasco
November 29th, 2006 2:17 pmSimply awesome writing! I didn’t have time to study this when the exploit came out. Nice to see the summary is comprehensive.
Matasano Chargen » Welcome, SecurityFocus Readers!
April 3rd, 2007 7:08 pm[…] A series Nate Lawson did with me on how to forge RSA keys using Bleichenbacher’s attack that broke OpenSSL. I promise, more fun than it sounds. […]
Leave a reply