ROBOT Attack Revives a 19-Year-Old Vulnerability

Category: Web Security Readings - Last Updated: Fri, 05 Jan 2018 - by Hakan Arici

The ROBOT Attack revives a 19-year-old oracle vulnerability first discovered and reported by Daniel Bleichenbacher in 1998. It involves sending Client Key Exchange messages with incorrect padding while a TLS-RSA handshake is being negotiated. Vulnerable servers then enable attackers to decrypt ciphertext or sign data.