CVE-2019-13628 - Information Exposure Through Discrepancy vulnerability in Wolfssl

Attack vector: LOCAL
Attack complexity: HIGH
Privileges required: LOW
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE

Summary
wolfSSL and wolfCrypt 4.0.0 and earlier, when configured without --enable-fpecc, --enable-sp, or --enable-sp-math, contain a timing side channel in ECDSA signature generation. A local attacker who can measure the duration of signature operations precisely enough can infer the bit length of the per-signature nonces and, given enough signatures made with short nonces, mount a lattice attack to recover the private key. The cause is the scalar multiplication in ecc.c, whose running time may depend on the bit length of the scalar (the nonce), so a nonce with leading zero bits is processed measurably faster. Builds with any of the three listed options enabled, or a release later than 4.0.0, are not affected by this issue.
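The following Python model, added here and not part of the advisory or of wolfSSL's code, reproduces the discrepancy the summary describes on the public secp256k1 parameters: a double-and-add loop whose iteration count equals the nonce's bit length, so a nonce with leading zero bits finishes early, beside a hardened variant that pads the scalar with the group order so every signature does the same amount of work. It also shows the attacker-side filtering step a lattice (hidden-number-problem) attack starts from; the lattice reduction itself is not reproduced. Iterations are counted instead of timed so the result is deterministic. The function and variable names, the sample message and the chosen nonces are constructed for this example, and the padding countermeasure is one standard technique, not a description of wolfSSL's own fix.

```python
"""Toy model of the leak behind CVE-2019-13628 (added example, not wolfSSL code).

Public secp256k1 parameters, a plain double-and-add loop, and an iteration
counter in place of a clock so the discrepancy is deterministic.
"""
import hashlib
import secrets

# secp256k1 domain parameters (public constants)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine addition on y^2 = x^3 + 7 (a = 0). None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point):
    """Left-to-right double-and-add over exactly k.bit_length() bits.

    Returns (k*point, iterations). The loop runs once per bit of k, so the
    work (and the run time it models) reveals the bit length of the scalar:
    the observable discrepancy described in the advisory.
    """
    acc, iterations = None, 0
    for i in reversed(range(k.bit_length())):
        acc = ec_add(acc, acc)
        if (k >> i) & 1:
            acc = ec_add(acc, point)
        iterations += 1
    return acc, iterations


def fixed_length_nonce(k):
    """One standard countermeasure (not necessarily wolfSSL's fix): add the group
    order once or twice so the scalar is always N.bit_length() + 1 bits.
    (k + N)*G == k*G because N*G is the point at infinity.
    """
    padded = k + N
    if padded.bit_length() <= N.bit_length():
        padded += N
    return padded


def sign(priv, msg, k, hardened=False):
    """ECDSA over secp256k1 with a caller-supplied nonce k in [1, N-1].

    Returns (r, s, iterations); the third value is the work count an attacker
    with a precise timer would observe for this signature.
    """
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big") % N
    scalar = fixed_length_nonce(k) if hardened else k
    R, iterations = scalar_mult(scalar, G)
    r = R[0] % N
    s = pow(k, -1, N) * (z + r * priv) % N
    return r, s, iterations


def verify(pub, msg, r, s):
    """Standard ECDSA verification; shows the padded nonce does not change the signature."""
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big") % N
    w = pow(s, -1, N)
    R = ec_add(scalar_mult(z * w % N, G)[0], scalar_mult(r * w % N, pub)[0])
    return R is not None and R[0] % N == r


def short_nonce_candidates(traces, leading_zero_bits):
    """Attacker-side filter on (r, s, iterations) traces.

    A trace with at most N.bit_length() - leading_zero_bits iterations came
    from a nonce whose top leading_zero_bits bits are zero. Those signatures
    are the hidden-number-problem instances a lattice attack (as in Minerva)
    solves for the private key; the lattice step itself is not reproduced here.
    """
    limit = N.bit_length() - leading_zero_bits
    return [(r, s) for r, s, iterations in traces if iterations <= limit]


if __name__ == "__main__":
    priv = secrets.randbelow(N - 1) + 1
    pub = scalar_mult(priv, G)[0]
    msg = b"constructed sample message"
    # Constructed nonces: a full 256-bit one and one with 8 leading zero bits.
    for k in (N - 1, N >> 8):
        r, s, leaky = sign(priv, msg, k)
        r2, s2, padded = sign(priv, msg, k, hardened=True)
        assert verify(pub, msg, r, s) and verify(pub, msg, r2, s2)
        print(f"nonce bits={k.bit_length()}  leaky iterations={leaky}  hardened iterations={padded}")
```

Running the script shows the leaky path doing 256 iterations for a full-length nonce and 248 for a nonce with eight leading zero bits, while the hardened path does 257 in both cases and still produces the same valid signature. On a real target the attacker substitutes a high-resolution timer for the iteration counter and keeps only the fastest signatures, which is exactly the class of measurement the LOCAL attack vector above refers to.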
Vulnerable Configurations
wolfSSL / wolfCrypt 4.0.0 and earlier, built without --enable-fpecc, --enable-sp, or --enable-sp-math (i.e. using the ecc.c scalar multiplication).
Common Weakness Enumeration (CWE)
CWE-203: Information Exposure Through Discrepancy
References
- http://www.openwall.com/lists/oss-security/2019/10/02/2
- https://eprint.iacr.org/2011/232.pdf
- https://minerva.crocs.fi.muni.cz/
- https://tches.iacr.org/index.php/TCHES/article/view/7337