SwitchEmu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-03-10 00:12:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix leakage of projective coordinates in ECC

Browse Source 
See the comments in the code for how an attack would go, and the ChangeLog
entry for an impact assessment. (For ECDSA, leaking a few bits of the scalar
over several signatures translates to full private key recovery using a
lattice attack.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
2020-03-25 12:41:29 +01:00
parent bfa0f7d540
commit f60041688c
2 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@@ -2,6 +2,13 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS x.x.x branch released xxxx-xx-xx
Security
* Fix side channel in ECC code that allowed an adversary with access to
precise enough timing and memory access information (typically an
untrusted operating system attacking a secure enclave) to fully recover
an ECDSA private key. Found and reported by Alejandro Cabrera Aldaya,
Billy Brumley and Cesar Pereida Garcia. CVE-2020-10932
Bugfix
* Fix compilation failure when both MBEDTLS_SSL_PROTO_DTLS and
MBEDTLS_SSL_HW_RECORD_ACCEL are enabled.