Researchers discover yet another Bleichenbacher attack variation (yawn!).
February 9, 2019, By Catalin Cimpanu
A team of academics has revealed a new cryptographic attack this week that can break encrypted TLS traffic, allowing attackers to intercept and steal data previously considered safe & secure.
This new downgrade attack --which doesn't have a fancy name like most cryptography attacks tend to have-- works even against the latest version of the TLS protocol, TLS 1.3, released last spring and considered to be secure.
The new cryptographic attack isn't new, per-se. It's yet another variation of the original Bleichenbacher oracle attack.
The original attack was named after Swiss cryptographer Daniel Bleichenbacher, who in 1998 demonstrated a first practical attack against systems using RSA encryption in concert with the PKCS#1 v1 encoding function.
Full Article.