David, would your ECDSA implementation be subject to the following timing attack?
-------- Original Message --------
Subject: New Timing Attack on OpenSSL ECDSA
Date: Wed, 25 May 2011 15:59:58 +0200
From: Mounir IDRASSI <[email protected]>
Reply-To: [email protected]
Organization: IDRIX
To: [email protected]

Hi all,

Is there any plan for implementing countermeasures against the newly discovered vulnerability in ECDSA operations of OpenSSL?

For those not aware of it, here is the US-CERT link of this vulnerability: http://www.kb.cert.org/vuls/id/536044

Here is also the original paper that contains the vulnerability details: http://eprint.iacr.org/2011/232.pdf

The patch suggested by the paper seems simple enough. It can be enhanced by adding a random multiple of the order to the scalar k.

Is there any objection for getting this merged into OpenSSL source?

Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
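Added example, not code from OpenSSL or from the paper: a Python model of the leak the forwarded mail refers to and of the countermeasure it mentions. The attacked OpenSSL code path was the Montgomery ladder used for curves over GF(2^m); that loop starts at the highest set bit of the nonce k, so the signing time reveals the bit length of k, and nonces with leading zero bits can then be recovered from enough signatures with a lattice attack on the private key. The block reproduces that loop structure over secp256k1 (a prime-field curve, chosen only because its parameters are public and the affine arithmetic is short), counts ladder iterations as a stand-in for running time, and applies the paper's fix of computing (k + n)·G or (k + 2n)·G instead of k·G so that every scalar has the same bit length. The private key, hash value and nonces are constructed demo values; Mounir's random-multiple variant is not implemented here.

```python
"""Model of the ECDSA nonce bit-length timing leak (US-CERT VU#536044) and of
the fixed-bit-length countermeasure.  Added example, not OpenSSL code."""

# secp256k1 parameters: y^2 = x^3 + 7 over GF(P), generator G of prime order N.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition (and doubling); None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None                                  # p1 == -p2
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P       # tangent slope, a = 0
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ladder(k, point):
    """Montgomery ladder that starts at the highest set bit of k, as the
    attacked OpenSSL code did.  Returns (k*point, loop iterations).  The
    iteration count stands in for the running time a remote attacker
    measures: it equals k.bit_length(), so a nonce with leading zero bits
    finishes measurably faster."""
    r0, r1 = None, point
    iterations = k.bit_length()
    for i in range(iterations - 1, -1, -1):
        if (k >> i) & 1:
            r0, r1 = ec_add(r0, r1), ec_add(r1, r1)
        else:
            r0, r1 = ec_add(r0, r0), ec_add(r0, r1)
    return r0, iterations


def pad_scalar(k, n):
    """Countermeasure from the paper (the add-the-order construction OpenSSL
    adopted): add the group order once, and once more if the bit length did
    not grow.  Since k*G == (k + n)*G == (k + 2n)*G the point is unchanged,
    but for every 0 < k < n the scalar now has exactly n.bit_length() + 1
    bits, so the ladder runs the same number of iterations for every nonce."""
    padded = k + n
    if padded.bit_length() <= n.bit_length():
        padded += n
    return padded


def sign_with_nonce(priv, z, k, pad):
    """ECDSA signature of hash value z with a caller-supplied nonce k.
    Returns (r, s, ladder_iterations) so the side channel of the unpatched
    (pad=False) and patched (pad=True) path can be compared directly."""
    scalar = pad_scalar(k, N) if pad else k
    R, iterations = ladder(scalar, G)
    r = R[0] % N
    s = pow(k, -1, N) * (z + r * priv) % N
    return r, s, iterations


def verify(pub, z, r, s):
    """Standard ECDSA verification; shows padded signatures stay valid."""
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    R = ec_add(ladder(z * w % N, G)[0], ladder(r * w % N, pub)[0])
    return R is not None and R[0] % N == r


if __name__ == "__main__":
    priv = 0xC0FFEE12345678                    # constructed demo private key
    pub = ladder(priv, G)[0]
    z = 0x5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A      # constructed stand-in for H(m)
    # Nonces with 255, 55 and 0 leading zero bits respectively.
    for k in (1, 2**200 + 5, N - 1):
        leaky = sign_with_nonce(priv, z, k, pad=False)
        fixed = sign_with_nonce(priv, z, k, pad=True)
        assert leaky[:2] == fixed[:2] and verify(pub, z, *fixed[:2])
        print(f"k bits={k.bit_length():3d}  iterations: "
              f"leaky={leaky[2]:3d}  fixed={fixed[2]:3d}")
```

The unpatched path runs 1, 201 and 256 iterations for the three nonces, while the padded path runs 257 for all of them and produces byte-identical signatures. A ladder that always processes a fixed number of bits is only the first step: the per-iteration work must also be independent of the bit value, which is why OpenSSL later moved to constant-time scalar multiplication rather than relying on scalar padding alone.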
