Daniel Bleichenbacher: Difference between revisions
m sp |
RjwilmsiBot (talk | contribs) m →External links: Adding Persondata using AWB (7345) |
||
| Line 12: | Line 12: | ||
* [http://www.bell-labs.com/user/bleichen/ Daniel Bleichenbacher's home page at Bell Labs] |
* [http://www.bell-labs.com/user/bleichen/ Daniel Bleichenbacher's home page at Bell Labs] |
||
{{Persondata <!-- Metadata: see [[Wikipedia:Persondata]]. --> |
|||
| NAME = Bleichenbacher, Daniel |
|||
| ALTERNATIVE NAMES = |
|||
| SHORT DESCRIPTION = |
|||
| DATE OF BIRTH = August 4, 1964 |
|||
| PLACE OF BIRTH = |
|||
| DATE OF DEATH = |
|||
| PLACE OF DEATH = |
|||
}} |
|||
{{DEFAULTSORT:Bleichenbacher, Daniel}} |
{{DEFAULTSORT:Bleichenbacher, Daniel}} |
||
[[Category:Modern cryptographers]] |
[[Category:Modern cryptographers]] |
||
| Line 17: | Line 26: | ||
[[Category:Living people]] |
[[Category:Living people]] |
||
[[Category:Google employees]] |
[[Category:Google employees]] |
||
{{crypto-stub}} |
{{crypto-stub}} |
||
Revision as of 13:13, 29 October 2010
Daniel Bleichenbacher (born August 4, 1964) is a Swiss cryptographer, previously a researcher at Bell Labs, but currently employed at Google. He received his Ph.D. from ETH Zurich in 1996 for contributions to computational number theory, particularly concerning message verification in the ElGamal and RSA public-key cryptosystems.[1]
In 1998, Daniel Bleichenbacher demonstrated a practical attack against systems using RSA encryption in concert with the PKCS#1 v1 encoding function, including a version of the Secure Socket Layer (SSL) protocol used by thousands of web servers at the time.[2] This attack was the first practical reason to consider adaptive chosen-ciphertext attacks.
In 2006 at a rump session at CRYPTO, Bleichenbacher described a "pencil and paper"-simple attack against RSA signature validation as implemented in common cryptographic toolkits. Both OpenSSL and the NSS security engine in Firefox were later found to be vulnerable to the attack, which would allow an attacker to forge the SSL certificates that protect sensitive websites.[3]
References
- ^ http://cr.yp.to/bib/1996/bleichenbacher-thesis.ps
- ^ Bleichenbacher, Daniel (1998). "CRYPTO '98": 1–12. Retrieved 2009-01-13.
{{cite journal}}:|contribution=ignored (help);|format=requires|url=(help); Cite has empty unknown parameters:|editors=and|coauthors=(help); Cite journal requires|journal=(help) - ^ Bleichenbacher's RSA signature forgery based on implementation error
External links
 | This cryptography-related article is a stub. You can help Wikipedia by expanding it. |