Return of Bleichenbacher’s Oracle Threat (ROBOT)

21 October 2022 - Articles

Return of Bleichenbacher’s Oracle Threat (ROBOT) is a padding oracle vulnerability that allows a threat actor to illegitimately perform RSA decryption and signing operations with the private key of a TLS server. The attack would allow an attacker to intercept communications and later decrypt them.

For devices that are affected by this vulnerability, vendors have released patches to address the issue. However, the authors of this attack recommend more generally that RSA encryption is disabled in favour of Elliptic curve cryptography.

It is recommended that:

  • RSA encryption is disabled


Play Cover Track Title
Track Authors