Security News > 2017 > October > Vulnerability in code library allows attackers to work out private RSA keys

Researchers have discovered a security vulnerability in the Infineon-developed RSA library, which could be exploited by attackers to discover the RSA private key corresponding to an RSA public key generated by this library. This private key could be then misused to impersonate its legitimate owner, decrypt sensitive messages, forge signatures (e.g. for software releases) and more. The vulnerable version of the library is v1.02.013, and it’s unfortunately been in use since 2012 in a wide … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/CCqsNYkMwN4/