libcrypto patch available for DSA security issue

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

libcrypto patch available for DSA security issue

Bob Beck-2


Fixes are available to correct a problem that prevents the DSA signing
algorithm from running in constant time even if the flag
BN_FLG_CONSTTIME is set.

This issue was reported by Cesar Pereida (Aalto University), Billy
Brumley (Tampere University of Technology), and Yuval Yarom (The
University of Adelaide and NICTA). The fix was developed by Cesar
Pereida.

Patches are available for 5.8 and 5.9 at:

http://ftp.openbsd.org/pub/OpenBSD/patches/5.8/common/017_crypto.patch.sig
http://ftp.openbsd.org/pub/OpenBSD/patches/5.8/common/011_crypto.patch.sig

and have been commmitted to -current.

Portably LibreSSL releases will appear shortly.

Loading...