Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

What happened?

The Bleichenbacher attack is back, now named "Return Of Bleichenbacher's Oracle Threat" (ROBOT). This 19-year-old vulnerability can allow an attacker to decrypt HTTPS traffic by exploiting some RSA encryption implementations.



Détails de la vulnérabilité

The Bleichenbacher attack is applicable to the TLS-RSA key exchange. This key exchange is used in all cipher suites having names starting with TLS_RSA (e.g. TLS_RSA_WITH_AES_128_CBC_SHA256).


The novelty of the ROBOT attack, compared to the original Bleichenbacher’s one, is that TLS implementations known to be vulnerable may return different TLS alerts and/or connection closures depending on the crafted padding, and this side-channel information can be used to improve the efficiency of the attack (less requests needed).

DenyAll Statement

The DenyAll products are *not* vulnerable to this attack.