Colloquium / Seminars
Topic:RSA Signature Forgery Attacks Against Weak Implementations
Speaker:Prof. Sze Yiu Chau
(Chinese University of Hong Kong)Date time:Oct.1 2024, 14:00-15:00
Venue:SA213
Abstract:
Abstract
RSA signature is a cornerstone of network security, widely used by different systems and applications as the means of achieving cryptographic authentication guarantees. In this talk, we will revisit the problem of verifying RSA signatures. Using different techniques, our recent research revealed many instances of unwarranted leniency in implementations of RSA signature verifiers. Critically, our findings suggest that many systems are susceptible to variants of the Bleichenbacher-style RSA signature forgery attack. We will look at how this attack, enabled by weak implementations, can nullify the security guarantees promised by the underlying cryptography, and discuss how this threat can be mitigated in practice.Download:Talk_1131001.pdf
go back