ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries

Submitted on 15. June 2018 - 12:08 by rischi.
Last update on 4. July 2018 - 9:34.

Keywords:

ROHNP, ECDSA, DSA

Description:

ROHNP [1] is an implementation flaw in multiple cryptographic libraries that allows a side-channel based attacker to recover ECDSA or DSA private keys.

Airlock WAF is not affected because ECDSA or DSA private keys are not supported.

Resolution:

No action required.

Component:

Airlock

Airlock Vulnerability Status:

Does not affect Airlock

Back-end Vulnerability Status:

No action required

Reference:

[1] Technical Advisory: "ROHNP"- Key Extraction Side Channel in Multiple Crypto Libraries

Main menu

Navigation

User menu

You are here

ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries

Main menu

Search form

Navigation

User menu

You are here

ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries