Suppose an OpenSSL buffer overflow allows code exec. Target is running Titus. Can't attacker steal key using, e.g., RSA_NO_PADDING? @__agwa
Replying to @hashbreaker
@hashbreaker Blinding, etc. are applied in priv'd process for side channel protection. Are there other ways decryption oracle can leak key?
7:34 AM - 25 Dec 2015
0 replies
0 retweets
2 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.