Technical Details

There is a problem. It has been fixed. If you are using SSL and also use SSLeay then you can simply grab patches and rebuild. For non-SSLeay based systems you will need to contact the vendor directly.

The quick overview is that there is an information leak in most SSL implementations which exposes the server to a complex attack discovered by Daniel Bleichenbacher. This attack can recover the session key.

C2Net have a good FAQ on the topic at http://www.c2.net/products/stronghold/support/PKCS1.php which is very relevant for SSLeay users.

Eric has detailed his views on the attack at ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/README.PKCS1

PATCHES

SSLeay-090-090b.patch.gz SSLeay-0.9.0 PATCH
SSLeay-0.9.0b.tar.gz SSLeay-0.9.0b – new release with patch applied
SSLeay-081-081b.patch.gz SSLeay-0.8.1 PATCH
SSLeay-0.8.1b.tar.gz SSLeay-0.8.1b – new release with patch applied
SSLeay-066-066b.patch.gz SSLeay-0.6.6 PATCH
SSLeay-0.6.6b.tar.gz SSLeay-0.6.6b – new release with patch applied

Press Statements

RSA Data Security Works With Internet Software Vendors to Respond to Potential Security Attack on Secure Web Communications 26th June 1998 RSA Data Security, Inc.
Vulnerability in some usages of PKCS#1 26th June 1998 CERT Advisory CA-98.07
Devastating hack attack averted 25th June 1998 MSNBC
RSA works to fix flaw in Web communications 26th June 1998 Reuters (Yahoo)
E-commerce crypto code cracked 26th June 1998 CNET NEWS.COM
Security Flaw Found, Fixed 26th June 1998 Wired
Local cryptographers help defuse SSL security hole 30th June 1998 APCmag
Bell Labs Researcher Finds Flaw in Widely Used Encryption Standard 30th June 1998 Bell Labs

Vendor Statements

SSL/PKCS1 Fix Home 26th June 1998 RSA Data Security, Inc.
SSL/PKCS1 Security Alert 26th June 1998 C2Net Software, Inc.
SSL Discovery 26th June 1998 Netscape Communications Corporation
Microsoft Security Bulletin (MS98-002) 26th June 1998 Microsoft
Security Statements 26th June 1998 Open Market, Inc.
SSL & TLS PKCS#1 Security Information 26th June 1998 Consensus Development
Bleichenbacher Discovery Q&A 29th June 1998 RSA Data Security, Inc.