
Return of Bleichenbacher’s Oracle Threat (ROBOT)

Author: HollyGraceful    Published: 21 October 2022    Last Updated: 03 November 2022

Return of Bleichenbacher’s Oracle Threat (ROBOT) is a padding oracle vulnerability that allows an attacker to illegitimately perform RSA decryption and signing operations with the private key of a TLS server. An attacker could intercept communications and later decrypt them.

Vendors have released patches for devices affected by this vulnerability. More generally, however, the authors of the attack recommend that RSA encryption be disabled in favour of elliptic curve cryptography.

It is recommended that:

  • RSA encryption is disabled
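One way to apply and verify this recommendation with Python's standard `ssl` module is shown below. It is an added example, not code from the original article. It assumes that "RSA encryption" means the cipher suites whose key exchange is RSA encryption (OpenSSL's `kRSA` and `kRSAPSK` groups); the function names and the sample "weak" cipher string are constructed for illustration.

```python
import ssl

# OpenSSL cipher string: keep the library defaults but remove every suite whose
# key exchange is RSA encryption (kRSA) or RSA-PSK (kRSAPSK). ECDHE suites that
# authenticate with an RSA certificate stay enabled, because they use RSA only
# for signatures, not for encrypting the premaster secret.
NO_RSA_ENCRYPTION = "DEFAULT:!kRSA:!kRSAPSK"


def rsa_encryption_suites(ctx):
    """Return the names of enabled suites that use RSA-encryption key exchange."""
    # get_ciphers() reports the key exchange under "kea", e.g. "kx-rsa",
    # "kx-rsa-psk", "kx-ecdhe", or "kx-any" for TLS 1.3 suites.
    return sorted(
        c["name"]
        for c in ctx.get_ciphers()
        if (c.get("kea") or "").startswith("kx-rsa")
    )


def weak_server_context():
    """Constructed 'before' configuration: one RSA-encryption suite, one ECDHE suite."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers("AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256")
    return ctx


def hardened_server_context():
    """'After' configuration: RSA-encryption key exchange disabled."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(NO_RSA_ENCRYPTION)
    return ctx


if __name__ == "__main__":
    for label, ctx in (("weak", weak_server_context()),
                       ("hardened", hardened_server_context())):
        flagged = rsa_encryption_suites(ctx)
        print(f"{label}: {len(flagged)} RSA-encryption suite(s) enabled {flagged}")
```

The same `rsa_encryption_suites` check can be run against any `SSLContext` a service builds, for example in a unit test that fails when a configuration change re-enables these suites.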
