oss-sec mailing list archives
Re: Miscomputations of elliptic curve scalar multiplications in Nettle
From: cve-assign () mitre org
Date: Tue, 2 Feb 2016 19:33:33 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
I discovered two carry propagation bugs
The P-256 bug is in the C code and affects multiple architectures. https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003028.html secp256 calculation bug (already fixed) Sat Dec 12 21:48:58 CET 2015 https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d 2015-12-10
Use CVE-2015-8803.
The P-384 bug is in the assembly code and only affects 64 bit x86. https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003024.html Miscalculations on secp384 curve Fri Dec 11 11:19:05 CET 2015 https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7 2015-12-15
Use CVE-2015-8804.
Niels Moeller discovered another carry propagation bug in P-256 https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d 2015-12-10
Use CVE-2015-8805. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWsUqEAAoJEL54rhJi8gl5kBgP/3SoSxsZyGfBYj+2LR1uF/o7 1cIStfXACb7RaB02DnCzkjxlBBPUxxPnZbW3nDR7XHe1n9dVSmWYavenQceikS2y EJmRuu6L7CaXDQ9nwj9kfmUaLoPmC737eD5vkUNu3gWyyDaDpeb4ve0UHNmInNRG efDC4MbT9Tmzhpfx0cDkG5hdPImWgNDQRf2loSZ2owy7XcH3a0U60kZ5mwXndQms eEzyj2tD4gE1VWbadjuqPplkyCjp39a30WhbWNAdizHKj5N4ai0+W7uy1P1y47qK BsRQwtPprsf/Vsozmf4y/tMwX4zB3DFLKq/Gtm7wjj43SSahMkN22d2tCxHfTfHB Cj8YciUtun9oGOPDFCMcwmzY6UrmR+Hn+DCmp821FrHD12JEaptB+BNvDkit1/0F lyMWCuoiqoUUplIYY3K33Ys5I8WFxw2E3eGrCmcNs3nZ+IOEqZRedwGElLFKISwJ EFA2fzJp0VI2jpq6+/S4d3F70BFjsZ1ZvVd+KIYvrncfOz0A76/xCWCo2spQFz39 W3gsOVN5vPajqfI091nFwTaX3y7wqkFhb20YV11Pz38rgiM5Kfrgj03g5n1tF0oD 7mSgLHCnI8Uz1UxJcTAYoAGHLxFZu4hM+CL5rVq3hVlUpZhj4fjE29LUdq16lYij dZFxx5TihZtuH0n6KxkM =5gQs -----END PGP SIGNATURE-----
Current thread:
- Miscomputations of elliptic curve scalar multiplications in Nettle Hanno Böck (Feb 02)
- Re: Miscomputations of elliptic curve scalar multiplications in Nettle cve-assign (Feb 02)