YoVDO

Raccoon Attack - Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

Offered By: TheIACR via YouTube

Tags

Side Channel Attacks Courses Cryptography Courses Network Security Courses Hash Functions Courses Key Derivation Courses

Course Description

Overview

Explore the intricacies of the Raccoon Attack, a cryptographic vulnerability affecting TLS-DH(E), in this conference talk delivered by Robert Merget at the Workshop on Attacks in Cryptography during Crypto 2021. Delve into the fundamentals of TLS-DH(E) and constant time execution before examining the attack's methodology for retrieving the PMS (Pre-Master Secret). Analyze key derivation processes in TLS, including the Merkle-Damgård construction and hashfunction performance expectations. Investigate SSL 3 key derivation, TLS 1.0/1.1 PRF, and the role of HMAC in the PRF. Learn about measurement errors, special timing measurement equipment, and the challenges of direct Raccoon attacks with non-determinism. Assess the impact of the Raccoon Attack and explore potential countermeasures. Extend the discussion to Raccoon's implications for ECDH(E), TLS 1.3, and eTLS/ETS. Examine the underlying reasons for these vulnerabilities and their relation to the PRF-ODH assumption. Conclude by considering Raccoon's potential effects on other protocols, gaining a comprehensive understanding of this significant cryptographic exploit.

Syllabus

Intro
TLS-DH(E)
Constant Time Execution
Attack Overview
Retrieving the PMS
Key Derivation in TLS
Merkle-Damgård-Construction
Hashfunction Performance (expectation)
SSL 3 Key Derivation
TLS 1.0/1.1 PRF
HMAC in the PRF
Attacker can choose Hash Functions
Measurement Errors
Special Timing Measurement Equipment
Direct Raccoon + Non-Determinism
Impact
Countermeasure
So.... no Side-Channel?
Raccoon and ECDH(E)
Raccoon and TLS 1.3
Raccoon and eTLS/ETS
Why the mess?
Raccoon & DH(E) Proofs
PRF-ODH Assumption
Raccoon and other Protocols
Conclusion


Taught by

TheIACR

Related Courses

Classical Cryptosystems and Core Concepts
University of Colorado System via Coursera
Foundations of Cryptography
NPTEL via Swayam
Applied Cryptography
University of Colorado System via Coursera
Python 3: Deep Dive (Part 3 - Dictionaries, Sets, JSON)
Udemy
Cryptography and Digital Certificates
Coventry University via FutureLearn