Re: OpenSSL: bug in modular exponentiation

[zugtprgfwprz () spornkuller de]

Hi Guido,

On 20.03.2018 22:34, Guido Vranken wrote:
> My bignum fuzzer (https://github.com/guidovranken/bignum-fuzzer)
> running on Google's oss-fuzz recently found a bug in affecting
> constant-time modular exponentiation.

Interesting -- could you confirm that the effect of this bug is a
miscalculation? Or is it breaking the constant-time assertion?

> OpenSSL does not treat this as a security vulnerability. This is a
> heads-up to developers who rely on the affected code so they can
> review the impact on their applications on a case-by-case basis.

Do you have a pointer as to where this was discussed? Do you consider it
a security vulnerability? Can you give advice to developers of how to
mitigate this kind of issue?

Is it regarded a WONTFIX by OpenSSL or is it going to be fixed (just not
treated as security-criticial)? If so, do you know the fix version?

Cheers and best regards,
Johannes