Vigil@nce - OpenSSL: ECDSA signature not computed in constant time
March 2017 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can monitor a process performing a DSA signature with
OpenSSL, in order to potentially obtain information about the
secret key.
Impacted products: Debian, BIG-IP Hardware, TMOS, OpenBSD,
OpenSSL, openSUSE Leap, Ubuntu.
Severity: 2/4.
Creation date: 11/01/2017.
DESCRIPTION OF THE VULNERABILITY
An attacker can therefore monitor a process performing a ECDSA
signature with OpenSSL, in order to potentially obtain information
about the secret key.
This vulnerability is the same than the one described in
VIGILANCE-VUL-19820, but this time it is about the elliptic curve
based variant of DSA.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/OpenSSL-ECDSA-signature-not-computed-in-constant-time-21550