Daniel Bleichenbacher
Encyclopedia
Daniel Bleichenbacher is a Swiss
cryptographer, previously a researcher at Bell Labs
, and currently employed at Google
. He received his Ph.D. from ETH Zurich
in 1996 for contributions to computational number theory, particularly concerning message verification in the ElGamal and RSA public-key cryptosystems.
In 1998, Daniel Bleichenbacher demonstrated a practical attack against systems using RSA encryption in concert with the PKCS#1 v1
encoding function, including a version of the Secure Socket Layer (SSL) protocol used by thousands of web server
s at the time.
This attack was the first practical reason to consider adaptive chosen-ciphertext attack
s.
In 2006 at a rump session at CRYPTO
, Bleichenbacher described a "pencil and paper"-simple attack against RSA signature validation as implemented in common cryptographic toolkits. Both OpenSSL
and the NSS security engine in Firefox were later found to be vulnerable to the attack, which would allow an attacker to forge the SSL
certificates
that protect sensitive websites.
Switzerland
Switzerland name of one of the Swiss cantons. ; ; ; or ), in its full name the Swiss Confederation , is a federal republic consisting of 26 cantons, with Bern as the seat of the federal authorities. The country is situated in Western Europe,Or Central Europe depending on the definition....
cryptographer, previously a researcher at Bell Labs
Bell Labs
Bell Laboratories is the research and development subsidiary of the French-owned Alcatel-Lucent and previously of the American Telephone & Telegraph Company , half-owned through its Western Electric manufacturing subsidiary.Bell Laboratories operates its...
, and currently employed at Google
Google
Google Inc. is an American multinational public corporation invested in Internet search, cloud computing, and advertising technologies. Google hosts and develops a number of Internet-based services and products, and generates profit primarily from advertising through its AdWords program...
. He received his Ph.D. from ETH Zurich
ETH Zurich
The Swiss Federal Institute of Technology Zurich or ETH Zürich is an engineering, science, technology, mathematics and management university in the City of Zurich, Switzerland....
in 1996 for contributions to computational number theory, particularly concerning message verification in the ElGamal and RSA public-key cryptosystems.
In 1998, Daniel Bleichenbacher demonstrated a practical attack against systems using RSA encryption in concert with the PKCS#1 v1
PKCS1
In cryptography, PKCS#1 is the first of a family of standards called Public-Key Cryptography Standards , published by RSA Laboratories. It provides the basic definitions of and recommendations for implementing the RSA algorithm for public-key cryptography...
encoding function, including a version of the Secure Socket Layer (SSL) protocol used by thousands of web server
Web server
Web server can refer to either the hardware or the software that helps to deliver content that can be accessed through the Internet....
s at the time.
This attack was the first practical reason to consider adaptive chosen-ciphertext attack
Adaptive chosen-ciphertext attack
An adaptive chosen-ciphertext attack is an interactive form of chosen-ciphertext attack in which an attacker sends a number of ciphertexts to be decrypted, then uses the results of these decryptions to select subsequent ciphertexts...
s.
In 2006 at a rump session at CRYPTO
Crypto
-Cryptography and cryptanalysis:* Cryptography, the practice and study of hiding information* Cryptanalysis, the study of methods for obtaining the meaning of encrypted information* CRYPTO , an annual cryptographical and cryptoanalytic conference...
, Bleichenbacher described a "pencil and paper"-simple attack against RSA signature validation as implemented in common cryptographic toolkits. Both OpenSSL
OpenSSL
OpenSSL is an open source implementation of the SSL and TLS protocols. The core library implements the basic cryptographic functions and provides various utility functions...
and the NSS security engine in Firefox were later found to be vulnerable to the attack, which would allow an attacker to forge the SSL
Transport Layer Security
Transport Layer Security and its predecessor, Secure Sockets Layer , are cryptographic protocols that provide communication security over the Internet...
certificates
Public key certificate
In cryptography, a public key certificate is an electronic document which uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth...
that protect sensitive websites.