Fix for CVE-2014-0076
author Dr. Stephen Henson <steve@openssl.org>
Wed, 12 Mar 2014 14:16:19 +0000 (14:16 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 12 Mar 2014 14:19:54 +0000 (14:19 +0000)
commit 4b7a4ba29cafa432fc4266fe6e59e60bc1c96332
tree ee5a9cca2a910d9231653ec7e21e67edaa59babb
parent e0660c6257306a91eff7a471141a71e8f2a02795
Fix for CVE-2014-0076

Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be3483259de374f91e57d247d0fc667aef29)

Conflicts:

CHANGES
CHANGES
crypto/bn/bn.h
crypto/bn/bn_lib.c
crypto/ec/ec2_mult.c