Hi All, Should the openssl implementation immediately fix the recently reported vulnerability to a hardware fault attack reported in 0.9.8i :
http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf It appears that if the library were to check the result of the fixed width exponentiation before employing it, that would fix the problem. Peter ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
