RSA PKCS#1 Decryption Attack Vulnerable Handshake

Strike ID: E17-6v3a1
CVSS: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
False Positive: f
Variants: 7
Year: 2017

Description

This strike emulates a TLS handshake using an RSA Encrypted PreMaster Secret, which may be vulnerable to the Return Of Bleichenbacher's Oracle Threat (ROBOT) decryption attack. Because the server handles improperly padded or otherwise invalid RSA Encrypted PreMaster Secrets incorrectly (for example, by responding differently to each kind of failure), it leaks information that may be used to decrypt or decipher the server's private key. Successful exploitation may result in decryption of encrypted communications or may allow the attacker to cryptographically sign messages with the server's private key. This strike only emulates a vulnerable handshake and does not emulate an attack. TLS_RSA cipher suites have not been deprecated for TLS 1.1 or 1.2, but they are deprecated for TLS 1.3. The researchers who discovered the vulnerability recommend disabling TLS_RSA cipher suites.
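The description above turns on one server-side detail: whether a peer can tell apart the ways an RSA Encrypted PreMaster Secret can fail to unwrap. The following Python is an added illustration, not part of this strike entry or of any vendor's code. It works on the already RSA-decrypted block (the modular exponentiation itself is left out), contrasts an oracle-style handler that raises a distinct error per failure mode with a handler that follows the RFC 5246 section 7.4.7.1 pattern of substituting a random 48-byte secret on any failure so the handshake fails uniformly later, and counts the outcomes a peer can observe from each. All function names and the sample inputs are constructed for the example.

```python
import os

SECRET_LEN = 48  # TLS premaster secret length (RFC 5246 section 7.4.7.1)


class PaddingError(Exception):
    """Distinct error the oracle-style handler raises on bad PKCS#1 v1.5 padding."""


class VersionError(Exception):
    """Distinct error the oracle-style handler raises on a client-version mismatch."""


def _parse_pkcs1_v15(em: bytes):
    """Parse EM = 0x00 || 0x02 || PS || 0x00 || M (RFC 3447 7.2.2); return M or None."""
    if len(em) < 11 or em[0] != 0x00 or em[1] != 0x02:
        return None
    try:
        sep = em.index(b"\x00", 2)  # first zero byte after the 0x00 0x02 header
    except ValueError:
        return None
    if sep < 10:  # PS must be at least 8 non-zero bytes
        return None
    return em[sep + 1:]


def vulnerable_unwrap(em: bytes, client_version: bytes) -> bytes:
    """Oracle-style handling: every failure mode yields a different observable outcome."""
    m = _parse_pkcs1_v15(em)
    if m is None:
        raise PaddingError("bad PKCS#1 v1.5 padding")
    if len(m) != SECRET_LEN:
        raise PaddingError("bad premaster length")
    if m[:2] != client_version:
        raise VersionError("client version mismatch")
    return m


def hardened_unwrap(em: bytes, client_version: bytes) -> bytes:
    """RFC 5246 section 7.4.7.1 pattern: always return a 48-byte secret.

    On any failure the secret is replaced by random bytes and the handshake is allowed
    to continue; it then fails uniformly at Finished verification, so the peer cannot
    tell which check failed. A production implementation must additionally perform these
    checks in constant time (no data-dependent branches or timing); this example shows
    only the uniform-outcome design.
    """
    fallback = os.urandom(SECRET_LEN)
    m = _parse_pkcs1_v15(em)
    ok = m is not None and len(m) == SECRET_LEN and m[:2] == client_version
    return m if ok else fallback


def build_em(secret: bytes, k: int = 128) -> bytes:
    """Construct an EM block of byte length k around `secret`, as a client would (constructed input)."""
    ps_len = k - 3 - len(secret)
    ps = bytes(b or 1 for b in os.urandom(ps_len))  # padding bytes must be non-zero
    return b"\x00\x02" + ps + b"\x00" + secret


def observable_outcomes(handler, inputs, client_version: bytes):
    """Collect what a peer can distinguish from `handler`: 'ok' or the exception class name.

    More than one element in the result is exactly the oracle the strike description warns about.
    """
    outcomes = set()
    for em in inputs:
        try:
            handler(em, client_version)
            outcomes.add("ok")
        except Exception as exc:  # noqa: BLE001 - we want every distinct failure type
            outcomes.add(type(exc).__name__)
    return outcomes


# Constructed sample inputs: a correct secret, corrupted padding, a wrong version, a short secret.
CLIENT_VERSION = b"\x03\x03"  # TLS 1.2
GOOD_SECRET = CLIENT_VERSION + b"\xaa" * 46
GOOD_EM = build_em(GOOD_SECRET)
BAD_PADDING_EM = b"\x00\x01" + GOOD_EM[2:]
WRONG_VERSION_EM = build_em(b"\x03\x02" + b"\xaa" * 46)
SHORT_SECRET_EM = build_em(CLIENT_VERSION + b"\xaa" * 10)
SAMPLES = [GOOD_EM, BAD_PADDING_EM, WRONG_VERSION_EM, SHORT_SECRET_EM]

if __name__ == "__main__":
    print("oracle-style handler outcomes:", observable_outcomes(vulnerable_unwrap, SAMPLES, CLIENT_VERSION))
    print("hardened handler outcomes:   ", observable_outcomes(hardened_unwrap, SAMPLES, CLIENT_VERSION))
```

Run stand-alone, the first line lists several distinguishable outcomes while the second lists only one; that difference is the property a strike such as this one exercises, and collapsing it is the point of the RFC 5246 mitigation.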

References