A number of TLS software implementations contain vulnerabilities that allow hackers with minimal computational expense to learn RSA keys. Florian Weimer, a researcher with Red Hat, last week published a paper called

The TLS implementations in these products, Weimer said, lack proper hardening to defend against what is known as the Lenstra attack against the Chinese Remainder Theorem, also known as RSA-CRT.