They're relying on two classic attacks, one on AES-CBC and one one RSA with PKCS1.5 padding.
The former is probably the best known cryptanalytic attack in the world (it's the one Thai Duong and Juliano Rizzo used against J2EE and .NET 2 years ago, and there are publicly available attack tools that will attempt to exploit it against arbitrary targets.
The latter is Bleichenbacher's, very well known in the literature but not widely exploited (this is a crypto attack that involves some linear algebra).
The rough sketch of both attacks is similar. It exploits a target that holds a secret key and reacts to arbitrary attacker-chosen messages. The attacker has no knowledge of the key, but might have knowledge of a known-good message. The attacker modifies the message in targeted ways and sends to the target; the target attempts to decrypt the message; the decryption goes haywire (because the attacker has modified the message without knowing the key); the target's behavior changes visibly as a result of the decryption going haywire.
The attacker knows (1) the nature of the targeted change they made, and (2) whether or not the target reacted weirdly (raised an error, took longer to respond, failed to respond).
The attacker continues changing messages and collecting 2-tuples of [change, result]. The whole cryptographic attack then analyzes the list of 2-tuples and from it discerns some secret.
The researchers in this case have actually made a significant improvement to the Bleichenbacher attack, extending it to use division (multiplication by an inverse) as well as multiplication as in the classic attack.
The former is probably the best known cryptanalytic attack in the world (it's the one Thai Duong and Juliano Rizzo used against J2EE and .NET 2 years ago, and there are publicly available attack tools that will attempt to exploit it against arbitrary targets.
The latter is Bleichenbacher's, very well known in the literature but not widely exploited (this is a crypto attack that involves some linear algebra).
The rough sketch of both attacks is similar. It exploits a target that holds a secret key and reacts to arbitrary attacker-chosen messages. The attacker has no knowledge of the key, but might have knowledge of a known-good message. The attacker modifies the message in targeted ways and sends to the target; the target attempts to decrypt the message; the decryption goes haywire (because the attacker has modified the message without knowing the key); the target's behavior changes visibly as a result of the decryption going haywire.
The attacker knows (1) the nature of the targeted change they made, and (2) whether or not the target reacted weirdly (raised an error, took longer to respond, failed to respond).
The attacker continues changing messages and collecting 2-tuples of [change, result]. The whole cryptographic attack then analyzes the list of 2-tuples and from it discerns some secret.