Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E) [article]

Robert Merget, Marcus Brinkmann, Nimrod Aviram, Juraj Somorovsky, Johannes Mittmann, Jörg Schwenk
2020 IACR Cryptology ePrint Archive  
Our main result is a novel side-channel attack, named Raccoon attack, which exploits a timing vulnerability in TLS-DH(E), leaking the most significant bits of the shared Diffie-Hellman secret.  ...  We show that due to a subtle issue in the key derivation of all TLS-DH(E) cipher suites in versions up to TLS 1.2, the premaster secret of a TLS-DH(E) session may, under certain circumstances, be leaked  ...  This behavior allows the attacker to create a most significant bits (MSB) oracle from a server and to determine the most significant bits of the DH secret. The Hidden Number Problem.  ... 
dblp:journals/iacr/MergetBASMS20 fatcat:imgympuz3vbalo6wfvn35seasu

HyperDegrade: From GHz to MHz Effective CPU Frequencies [article]

Alejandro Cabrera Aldaya, Billy Bob Brumley
2021 arXiv pre-print
Regarding cryptography contributions, we revisit the recently proposed Raccoon attack on TLS-DH key exchanges, demonstrating its application to other protocols.  ...  Using HyperDegrade, we developed an end-to-end attack that shows how a Raccoon-like attack can succeed with real data, filling a missing gap from previous research.  ...  For example, the original Raccoon attack authors gather statistics for static DH keys in X.509 certificates for TLS 1.2 (and lower) authentication, and/or ephemeral-static DH keys in TLS 1.2 (and lower  ... 
arXiv:2101.01077v2 fatcat:bbp5r4rogzdwtenccozu5ma7le