Crypto boffins have found a way to exploit side-channel information to downgrade most of the current TLS implementations, thanks to ongoing support for outmoded RSA key exchanges. In a paper published on Friday, “The 9 Lives of Bleichenbacher’s CAT: New Cache ATtacks on TLS Implementations,” co-authors Eyal Ronen, Robert Gillham, Daniel Genkin, Adi Shamir, David Wong and Yuval Yarom describe an updated version of an attack first outlined by Swiss cryptographer Daniel Bleichenbacher two decades ago.
ORIGINAL SOURCE: The Register