­
Recover A RSA Private key from a TLS session with perfect forward secrecy (Black Hat Conference 2016) - All Articles - CISO Platform

All Articles

Recover A RSA Private key from a TLS session with perfect forward secrecy (Black Hat Conference 2016)

Posted by pritha on November 24, 2016 at 7:13pm

Recover A RSA Private key from a TLS session with perfect forward secrecy

They always taught us that the only thing that can be pulled out from a SSL/TLS session using strong authentication and latest Perferct Forward Secrecy ciphersuites is the public key of the certificate exchanged during the handshake - an insufficient condition to place a MiTM attack without to generate alarms on the validity of the TLS connection and certificate itself. Anyway, this is not always true. In certain circumstances it is possible to derive the private key of server regardless of the size of the used modulus. Even RSA keys of 4096 bits can be factored at the cost of a few CPU cycles and computational resources. All that needed is the generation of a faulty digital signature from server, an event that can be observed when occurring certain conditions such as CPU overheating, RAM errors or other hardware faults. Because of these premises, devices like firewall, switch, router and other embedded appliances are more exposed than traditional IT servers or clients. During the talk, the author will explain the theory behind the attack, how common the factors are that make it possible and his custom pratical implementation of the technique. At the end, a proof-of-concept, able to work both in passive mode (i.e. only by sniffing the network traffic) and in active mode (namely, by participating directly in the establishment of TLS handshakes), will be released.

Speakers

Marco Ortisi

Marco Ortisi works as Senior Penetration Tester in ENCS (European Network for Cyber Security) where he is fully involved in increasing the security of European critical infrastractures such as energy grids, and reducing the gap with the classical IT systems. Netizen since 1996, he has literally grown up on ""bread and vulnerability's research,"" a fascinating field leading him to continuosly study new attack techniques and at the same time to develop alternative defense methods. Prior to this role at ENCS, Marco worked as Independent Penetration Tester and Security Consultant on different sectors (telco, governmental, utility, banking, pharmaceutical, financial, etc...) by helping to improve the IT security posture of several big companies and organizations operating in EMEA (Europe and Middle East).

Detailed Presentation:

(Source: Black Hat USA 2016, Las Vegas)

8669803288?profile=original

Views: 122
Votes: 0
E-mail me when people leave their comments –
Follow
Posted by pritha

Community Head, CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Join The Community Discussion

Read More

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

 

 

CISO Platform Talks : Security FireSide Chat With A Top CISO or equivalent (Monthly)

Jun 1, 2025 at 3:00am to Dec 31, 2025 at 3:00am UTC+5.5
Virtual
  • Description:

    CISO Platform Talks: Security Fireside Chat With a Top CISO

    Join us for the CISOPlatform Fireside Chat, a power-packed 30-minute virtual conversation where we bring together some of the brightest minds in cybersecurity to share strategic insights, real-world experiences, and emerging trends. This exclusive monthly session is designed for senior cybersecurity leaders looking to stay ahead in an ever-evolving landscape.

    We’ve had the privilege of…

  • Created by: Biswajit Banerjee
  • Tags: ciso, fireside chat

6 City Playbook Round Table Series (Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata)

Sep 1, 2025 at 5:00pm to Oct 31, 2025 at 8:00pm UTC+5.5
India
  • Description:

    Join us for an exclusive 6-city roundtable series across Delhi, Mumbai, Bangalore, Pune, Chennai, and Kolkata. Curated for top cybersecurity leaders, this series will spotlight proven strategies, real-world insights, and impactful playbooks from the industry’s best.

    Network with peers, exchange ideas, and contribute to shaping the Top 100 Security Playbooks of the year.

    Date : Sept 2025 - Oct 2025

    Venue: Delhi, Mumbai, Bangalore, Pune,…

  • Created by: Biswajit Banerjee

National Insider Risk Symposium, Washington DC, USA 2025

Sep 17, 2025 to Sep 18, 2025
Washington DC, USA
  • Description:

    We are excited to invite you to the 10th National Insider Risk Symposium, a premier forum bringing together leaders and experts from both the commercial and public sectors to address the evolving landscape of insider threats. CISOPlatform is a proud community partner for this event. 

    Event Details:
    Venue: National Housing Center, 1201 15th St NW, Washington, D.C. 20005
    Dates: September 17–18,…

  • Created by: Biswajit Banerjee
  • Tags: national insider risk symposium, ciso, cybersecurity events, usa events

CISO Platform: CISO 100 Awards & Future CISO Awards 2025 @ Atlanta, Georgia

Oct 1, 2025 at 8:00am to Oct 2, 2025 at 5:00pm UTC-04
Renaissance Atlanta Waverly Hotel & Convention Center
  • Description:

    Nominate for the CISOPlatform CISO 100 Awards & Future CISO Awards - Recognizing Cybersecurity Leaders. Recommend someone you know deserving of this prestigious accolade....Nominate your colleague, mentor, someone you admire or yourself !

    CISO Platform is collaborating as a community partner with EC-Council’s Global CISO Forum, supporting initiatives such as the CISO Platform…

  • Created by: Biswajit Banerjee
  • Tags: ciso, usa, ciso award, nominate, atlanta