oss-sec mailing list archives
Re: CVE Request: invalid curve attack on bouncycastle
From: cve-assign () mitre org
Date: Thu, 22 Oct 2015 14:08:10 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
bouncycastle versions older than 1.51 are vulnerable to an invalid curve attack as described in this article:

http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html

The attack allows extraction of private keys used in elliptic curve cryptography with a few thousand queries.

According to upstream developer Peter Dettman, the issue has been fixed with these two commits:

https://github.com/bcgit/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83
https://github.com/bcgit/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04
Use CVE-2015-7940.

A Bouncy Castle product intentionally has a unique CVE ID because of its independent codebase. However, as noted in the practical-invalid-curve-attacks.html posting, the issue is related to CVE-2015-2613. The MITRE CVE team plans to update http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613 to reflect the additional information from Juraj Somorovsky.

-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWKSUrAAoJEL54rhJi8gl532EP/i5pdcg7gnrde6hmPBG0i4p1
hiw0AHUkbXOZQi7X8Em7xdfRgZ4/jGVQFovQDfoB2DyDna5wgcdVgICp3cWrKDIG
v/E6UniIV1ksn7IXgY6SWEHBNoAO8NeIpeYJVXAZiQRquOv07efVbDq3UpUBF1lx
DqeN81DnnM0G7w/c39HsKsBYhgTbMK1uAQuwi0eH9X02P1DNkUB8Ppbs94TtnmFL
q8zlFEawj3XZxOL1Q/6Sxf/UnCD3l1rUilZI+etQgaDUZwBrMSR2Owcx4UD9zZPd
nyc8gL0yUSxfFz+svLcivCVq2ORFMpxpDJ4d5yTLb9dFQm2wwQN68zS/qUL9cJ8x
3VrRDdWsu2cPBfl1HPAt2th3aFNe8OKy4r4hXWWED1YfMKZsFr//hMOrrmOO197I
dm4tX42VTH2lg+nHzdts8bOVi7hIHy6+46mdEtB381cvDCKzs6af8KZU0CsvXeyH
a1S493BioNjt15jfn2MLQJx584kvaO5VLI+tGLgWksOX9aMjBMEXRk1Lnslt/fO7
K2e8NM101U0ff5+7eDr/o2EOCpIhY3uZFy5Bu2ZHPG2gi9+D8yAdx5ZyqI/KeMwO
yPQe0A3rxboxtPzJ/p3sMlPmADP8yNLxNdQINgOG3ZpzfTscmbmeDITVLsSAj1Gu
9adfN/uWSq8ehtoCeB3s
=p0IO
-----END PGP SIGNATURE-----
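The class of bug behind the request above is an ECDH implementation that feeds a peer-supplied point into scalar multiplication without first checking that the point actually lies on the agreed curve (and in its prime-order subgroup). The following is an added illustration, not code from the oss-sec thread, from Bouncy Castle, or from the linked commits: a minimal affine short-Weierstrass implementation with a public-point validation step, shown against an unchecked variant. The curve `TOY` (y^2 = x^3 + 2x + 2 over GF(17), group order 19, generator (5, 1)) and the off-curve point `BAD` are constructed values chosen so the arithmetic can be checked by hand; the function names are the example's own.

```python
# Added example: validating a received EC public point before ECDH.
# Not Bouncy Castle code; the curve parameters below are a constructed toy curve.
from dataclasses import dataclass
from typing import Optional, Tuple

Point = Optional[Tuple[int, int]]  # None represents the point at infinity


@dataclass(frozen=True)
class Curve:
    """y^2 = x^3 + a*x + b over GF(p); n is the prime subgroup order, h the cofactor."""
    p: int
    a: int
    b: int
    n: int
    h: int = 1


# Constructed toy curve for illustration only (never for real keys):
# y^2 = x^3 + 2x + 2 mod 17, prime group order 19, generator G = (5, 1).
TOY = Curve(p=17, a=2, b=2, n=19)
TOY_G = (5, 1)
# Constructed point that is NOT on TOY: it satisfies y^2 = x^3 + 2x + 5 mod 17
# instead, i.e. it lies on a different curve sharing p and a.
BAD = (5, 2)


def is_on_curve(curve: Curve, P: Point) -> bool:
    """True if P satisfies the curve equation (the point at infinity counts as on-curve)."""
    if P is None:
        return True
    x, y = P
    return (y * y - (x * x * x + curve.a * x + curve.b)) % curve.p == 0


def point_add(curve: Curve, P: Point, Q: Point) -> Point:
    """Affine addition/doubling. Note the formulas never use b: that is exactly why
    an off-curve point is silently processed as if it were on a curve with another b."""
    if P is None:
        return Q
    if Q is None:
        return P
    x1, y1 = P
    x2, y2 = Q
    if x1 == x2 and (y1 + y2) % curve.p == 0:
        return None  # P == -Q
    if P == Q:
        lam = (3 * x1 * x1 + curve.a) * pow(2 * y1, -1, curve.p) % curve.p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, curve.p) % curve.p
    x3 = (lam * lam - x1 - x2) % curve.p
    y3 = (lam * (x1 - x3) - y1) % curve.p
    return (x3, y3)


def scalar_mult(curve: Curve, k: int, P: Point) -> Point:
    """Right-to-left double-and-add (not constant-time; illustration only)."""
    R: Point = None
    A = P
    while k > 0:
        if k & 1:
            R = point_add(curve, R, A)
        A = point_add(curve, A, A)
        k >>= 1
    return R


def validate_public_point(curve: Curve, P: Point) -> None:
    """Full public-key validation: reject infinity, out-of-range coordinates,
    points off the curve, and points outside the prime-order subgroup."""
    if P is None:
        raise ValueError("public point is the point at infinity")
    x, y = P
    if not (0 <= x < curve.p and 0 <= y < curve.p):
        raise ValueError("coordinate out of field range")
    if not is_on_curve(curve, P):
        raise ValueError("point is not on the curve")
    # Subgroup check; with cofactor 1 the on-curve check already implies it,
    # but doing it unconditionally keeps the validator correct for h > 1.
    if scalar_mult(curve, curve.n, P) is not None:
        raise ValueError("point is not in the prime-order subgroup")


def ecdh_unchecked(curve: Curve, priv: int, peer_pub: Point) -> Optional[int]:
    """The vulnerable pattern: multiply whatever point the peer sent."""
    S = scalar_mult(curve, priv, peer_pub)
    return None if S is None else S[0]


def ecdh_shared(curve: Curve, priv: int, peer_pub: Point) -> Optional[int]:
    """The hardened pattern: validate the peer point, then multiply."""
    validate_public_point(curve, peer_pub)
    S = scalar_mult(curve, priv, peer_pub)
    return None if S is None else S[0]
```

`ecdh_unchecked(TOY, 3, BAD)` happily returns a value computed on the wrong curve, while `ecdh_shared(TOY, 3, BAD)` raises before any private-key-dependent arithmetic takes place. In a real deployment the same check belongs on every decoded public point (ECDH, ECIES, ECMQV), using a vetted library's validation rather than hand-rolled arithmetic.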
Current thread:
- CVE Request: invalid curve attack on bouncycastle Raphael Hertzog (Oct 22)
- Re: CVE Request: invalid curve attack on bouncycastle cve-assign (Oct 22)