oss-sec mailing list archives

Re: CVE Request: invalid curve attack on bouncycastle


From: cve-assign () mitre org
Date: Thu, 22 Oct 2015 14:08:10 -0400 (EDT)


bouncycastle versions older than 1.51 are vulnerable to an
invalid curve attack as described in this article:
http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html

The attack allows private keys used in elliptic curve cryptography to be
extracted with a few thousand queries.

According to upstream developer Peter Dettman, the issue has been fixed
with those two commits:
https://github.com/bcgit/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83
https://github.com/bcgit/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04

Use CVE-2015-7940.

A Bouncy Castle product intentionally has a unique CVE ID because of its
independent codebase. However, as noted in
the practical-invalid-curve-attacks.html posting, the issue is related
to CVE-2015-2613. The MITRE CVE team plans to update
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613 to
reflect the additional information from Juraj Somorovsky.

-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
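An added example (not part of this thread or of Bouncy Castle's code) showing the receiver-side check whose absence an invalid curve attack exploits: full validation of a peer's ECDH public point before it enters the scalar multiplication. The curve constants are the standard NIST P-256 parameters; the off-curve sample point and the `ecdh_shared_x` helper are constructed for the example.

```python
# Added example: public-key validation that stops invalid curve attacks on ECDH.
# Curve constants are NIST P-256 (secp256r1); affine arithmetic, Python ints.
P256 = dict(
    p=0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF,
    a=0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC,
    b=0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B,
    n=0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551,
    gx=0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
    gy=0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5,
)
INF = None  # point at infinity

def is_on_curve(pt, c=P256):
    """Reject the identity, out-of-range coordinates, and any (x, y) not
    satisfying y^2 = x^3 + ax + b (mod p). This is the check the attack needs missing."""
    if pt is INF:
        return False
    x, y = pt
    if not (0 <= x < c["p"] and 0 <= y < c["p"]):
        return False
    return (y * y - (x * x * x + c["a"] * x + c["b"])) % c["p"] == 0

def add(P1, P2, c=P256):
    p = c["p"]
    if P1 is INF: return P2
    if P2 is INF: return P1
    (x1, y1), (x2, y2) = P1, P2
    if x1 == x2 and (y1 + y2) % p == 0:
        return INF                       # P + (-P)
    if P1 == P2:                         # doubling
        lam = (3 * x1 * x1 + c["a"]) * pow(2 * y1, -1, p) % p
    else:                                # general addition
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, P, c=P256):
    """Double-and-add scalar multiplication; only ever called on validated points."""
    R = INF
    while k:
        if k & 1: R = add(R, P, c)
        P, k = add(P, P, c), k >> 1
    return R

def validate_peer_point(pt, c=P256):
    """Full validation (SP 800-56A style): on the curve, not the identity, order n."""
    return is_on_curve(pt, c) and mul(c["n"], pt, c) is INF

def ecdh_shared_x(priv, peer_pt, c=P256):
    """Constructed helper: validate first, then derive the shared x-coordinate."""
    if not validate_peer_point(peer_pt, c):
        raise ValueError("invalid peer public point")
    return mul(priv, peer_pt, c)[0]
```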

