Learn how to recover an RSA private key from a TLS session with Perfect Forward Secrecy in this 42-minute Black Hat conference talk. Explore the theory behind the attack, including the generation of faulty digital signatures due to hardware faults, and understand why embedded devices are particularly vulnerable. Discover the prerequisites for a successful attack, examine RSA signatures and RSA-CRT, and analyze vulnerable crypto libraries. Gain insights into the practical implementation of this technique, including both passive and active attack modes. Delve into topics such as PKCS #1 v1.5 padding, suitable ciphersuites, and the workings of the High Voltage! tool. Examine the application of these concepts to IKEv1 Phase 1 Main Mode and Aggressive Mode with signature authentication.
Recover a RSA Private Key From a TLS Session With Perfect Forward Secrecy