Add to ORKGAbstract. We describe several attacks against the PKCS#1 v1.5 key transport mechanism of XML Encryption. Our attacks allow to recover the secret key used to encrypt transmitted payload data within a few minutes or several hours, depending on the considered scenario. The attacks exploit differences in error messages and in the timing behavior of XML frameworks. We show how to attack seemingly invulnerable implementations, by exploiting additional properties of the XML Encryption standard that lead to new side-channels. An interesting novelty of one of our attacks is that it combines a weakness of a public-key scheme (transporting an ephemeral session key) with a different weakness of a symmetric encryption scheme (which transports the payloa...
Abstract: We give three variants and improvements of Bleichenbacher’s low-exponent attack from CRYPT...
Simple password authentication is often used e.g. from an e-mail software application to a remote IM...
A new cryptosystem is proposed in the international patent WO/2009/066313 by Artus. The symmetric-ke...
Abstract—At CCS’11 a new chosen-ciphertext attack on XML Encryption [13] has been presented. This at...
The Extensible Markup Language (XML) is extensively used in software systems and services. Various X...
Some promising recent schemes for XML access control employ encryption for implementing security pol...
Abstract—XML Signatures are used to protect XML-based Web Service communication against a broad rang...
Abstract. This paper describes new attacks on pkcs#1 v1.5, a depre-cated but still widely used rsa e...
We show how to exploit the encrypted key import functions of a variety of different cryptographic de...
(article recompensé par le "Best Student Paper Award")International audienceThis paper describes new...
Abstract. Recently, Gligoroski et al. proposed code-based encryption and sig-nature schemes using li...
PKCS#11 is a standard API to cryptographic devices such as smarcards, hardware security modules and ...
Today, XML is the most used data interchange format for business-to-business applications. Indeed, a...
As a countermeasure against the famous Bleichenbacher attack on RSA based ciphersuites, all TLS RFCs...
This paper introduces two new attacks on PKCS#1 v1.5, an rsa-based encryption standard proposed by R...
Abstract: We give three variants and improvements of Bleichenbacher’s low-exponent attack from CRYPT...
Simple password authentication is often used e.g. from an e-mail software application to a remote IM...
A new cryptosystem is proposed in the international patent WO/2009/066313 by Artus. The symmetric-ke...
Abstract—At CCS’11 a new chosen-ciphertext attack on XML Encryption [13] has been presented. This at...
The Extensible Markup Language (XML) is extensively used in software systems and services. Various X...
Some promising recent schemes for XML access control employ encryption for implementing security pol...
Abstract—XML Signatures are used to protect XML-based Web Service communication against a broad rang...
Abstract. This paper describes new attacks on pkcs#1 v1.5, a depre-cated but still widely used rsa e...
We show how to exploit the encrypted key import functions of a variety of different cryptographic de...
(article recompensé par le "Best Student Paper Award")International audienceThis paper describes new...
Abstract. Recently, Gligoroski et al. proposed code-based encryption and sig-nature schemes using li...
PKCS#11 is a standard API to cryptographic devices such as smarcards, hardware security modules and ...
Today, XML is the most used data interchange format for business-to-business applications. Indeed, a...
As a countermeasure against the famous Bleichenbacher attack on RSA based ciphersuites, all TLS RFCs...
This paper introduces two new attacks on PKCS#1 v1.5, an rsa-based encryption standard proposed by R...
Abstract: We give three variants and improvements of Bleichenbacher’s low-exponent attack from CRYPT...
Simple password authentication is often used e.g. from an e-mail software application to a remote IM...
A new cryptosystem is proposed in the international patent WO/2009/066313 by Artus. The symmetric-ke...