git.openssl.org Git - openssl.git/commit

author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 12 Mar 2014 14:16:19 +0000 (14:16 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 12 Mar 2014 14:16:19 +0000 (14:16 +0000)
commit	2198be3483259de374f91e57d247d0fc667aef29
tree	4f90995bbbd9f9a676314b1c35b4f8f72084dad9	tree \| snapshot
parent	6fe498497c38378df332e7938ebcc60686de4c91	commit \| diff

Fix for CVE-2014-0076

Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.

CHANGES		diff \| blob \| history
crypto/bn/bn.h		diff \| blob \| history
crypto/bn/bn_lib.c		diff \| blob \| history
crypto/ec/ec2_mult.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom