Daniel Bleichenbacher
   HOME

TheInfoList



Click Here for Items Related To - Daniel Bleichenbacher
OR:
Daniel Bleichenbacher on:   [Wikipedia]   [Google]   [Amazon]

Daniel Bleichenbacher (born 1964) is a Swiss
cryptographer Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adver ...
, previously a researcher at
Bell Labs Nokia Bell Labs, originally named Bell Telephone Laboratories (1925–1984), then AT&T Bell Laboratories (1984–1996) and Bell Labs Innovations (1996–2007), is an American industrial Research and development, research and scientific developm ...
, and currently employed at
Google Google LLC () is an American Multinational corporation, multinational technology company focusing on Search Engine, search engine technology, online advertising, cloud computing, software, computer software, quantum computing, e-commerce, ar ...
. He received his Ph.D. from ETH Zurich in 1996 for contributions to computational number theory, particularly concerning message verification in the ElGamal and RSA public-key cryptosystems. His doctoral advisor was
Ueli Maurer Ulrich "Ueli" Maurer (; born 1 December 1950) is a Swiss politician who has served as a Member of the Swiss Federal Council since 2009. A member of the Swiss People's Party (SVP/UDC), he was President of the Swiss Confederation in 2013 and 2019 ...
.


RSA Attacks

Bleichenbacher is particularly notable for devising attacks against the RSA public-key cryptosystem, namely when used with the PKCS#1 v1 standard published by
RSA Laboratories RSA Security LLC, formerly RSA Security, Inc. and doing business as RSA, is an American computer and network security company with a focus on encryption and encryption standards. RSA was named after the initials of its co-founders, Ron Rivest, ...
. These attacks were able to break both RSA encryption and signatures produced using the PKCS #1 standard.


BB'98 attack: chosen ciphertext attack against the RSA PKCS#1 encryption standard

In 1998, Daniel Bleichenbacher demonstrated a practical attack against systems using RSA encryption in concert with the PKCS #1 encoding function, including a version of the
Secure Sockets Layer Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securi ...
(SSL) protocol used by thousands of web servers at the time. This attack was the first practical reason to consider
adaptive chosen-ciphertext attack An adaptive chosen-ciphertext attack (abbreviated as CCA2) is an interactive form of chosen-ciphertext attack in which an attacker first sends a number of ciphertexts to be decrypted chosen adaptively, and then uses the results to distinguish a tar ...
s.


BB'06 attack: signature forgery attack against the RSA PKCS#1 signature standard

In 2006 at a rump session at CRYPTO, Bleichenbacher described a "pencil and paper"-simple attack against RSA signature validation as implemented in common cryptographic toolkits. Both OpenSSL and the NSS security engine in
Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current ...
were later found to be vulnerable to the attack, which would allow an attacker to forge the SSL certificates that protect sensitive websites.Analysis on Bleichenbacher's Forgery Attack
''IEEE''. 2007.


References

{{DEFAULTSORT:Bleichenbacher, Daniel Modern cryptographers 1964 births Living people Google employees