With a 19-year-old vulnerability, we were able to sign a message with Facebook's private key. We'll show how we found one of the oldest TLS vulnerabilities in products of 10 different vendors and how we practically exploited it against well-known sites. We'll also discuss how the countermeasures introduced back in TLS 1.0 and expanded over the years failed to prevent this, and why RSA PKCS #1 v1.5 encryption should be deprecated. Finally, we'll present which related problems are still present and unfixed in many popular TLS libraries.
Craig Young is a computer security researcher with Tripwire's Vulnerability and Exposures Research Team (VERT). He has identified and responsibly disclosed dozens of vulnerabilities in products from Google, Amazon, IBM, NETGEAR, Adobe, HP, Apple, and others. His research has resulted in numerous CVE assignments and repeated recognition in the Google Application Security Hall of Fame. Craig won in track 0 and track 1 of the first ever SOHOpelessly Broken contest at DEF CON 22 by demonstrating 10 0-day flaws in SOHO wireless routers. His research into iOS WiFi problems exposed CVE-2015-3728 that could allow devices to inadvertently connect to malicious hot spots. Craig has also found many bugs by fuzzing a variety of open source software including PHP, Apache, Perl, Ruby, MatrixSSL, and more. In 2017, Craig was involved in the discovery of Bleichenbacher oracles in TLS stacks made by at least nine different vendors including Cisco, Citrix, F5, IBM, and Palo Alto.
Hanno Böck works as a freelance journalist and regularly covers IT security topics for the German IT news website Golem.de. He has written for several newspapers in the past and is the author of the monthly Bulletproof TLS Newsletter. Hanno also runs the Fuzzing Project, an effort to improve the security of free software applications.