RSA[443][444] key exchange is a key exchange[133] that has no forward secrecy[127][128][129][130], and does not protect past sessions against future compromises. If long-term secret keys or passwords are compromised, encrypted communications and sessions recorded in the past can be retrieved and decrypted. Throughout its history RSA encryption has had many security flaws[445][446][447][448][449][450] and was affected by variety of attack types: chosen-ciphertext attack[55] (eg: Bleichenbacher's attack[1][2], ROBOT attack[18][19][20][21]), side-channel attack[69][70][71] (eg: padding oracle attack[63][64][65][66], like Bleichenbacher's cat[3][4][5][6]).
Get a prompt and clear overview of your security configuration. Right now!
You can fix your security setting with the following config snippets in various services. You simply copy-paste (or delete) them to get a better secirity and grade. Do not forget to re-check your modified settings above.
If you want to reveal your security weaknesses and monitor your services or supply chain sign up for our beta test.
