New Side Channel Attack Technique to Recover ECDSA Keys

Researchers from Masaryk University have disclosed vulnerabilities in various implementations of the ECDSA/EdDSA digital signature algorithm that allow the private key to be recovered by analysing leaks of information about individual bits, obtained through side-channel analysis. The vulnerability has been named Minerva.

The best-known projects affected by the proposed attack method are OpenJDK/OracleJDK (CVE-2019-2894) and the libgcrypt library (CVE-2019-13627) used in GnuPG. Also affected are MatrixSSL, Crypto++, wolfCrypt, elliptic, jsrsasign, python-ecdsa, ruby_ecdsa, fastecdsa, easy-ecc and Athena IDProtect smart cards. Not tested, but also reported as potentially vulnerable, are the Valid S/A IDflex V, SafeNet eToken 4300 and TecSec Armored Card cards, which use the same standard ECDSA module.

The problem has already been fixed in the libgcrypt 1.8.5 and wolfCrypt 4.1.0 releases; the remaining projects have not yet published fixes. The status of the libgcrypt fix in distributions can be tracked on these pages: Debian, Ubuntu, RHEL, Fedora, openSUSE/SUSE, FreeBSD, Arch.

The vulnerabilities do not affect OpenSSL, Botan, mbedTLS and BoringSSL. Not yet tested: Mozilla NSS, LibreSSL, Nettle, BearSSL, cryptlib, OpenSSL in FIPS mode, Microsoft .NET crypto, libkcapi from the Linux kernel, Sodium and GnuTLS.

The problem is caused by the ability to determine the values of individual bits during scalar multiplication in elliptic curve operations. Indirect methods, such as estimating the computation delay, are used to extract a small amount of information. The attack requires local access to the host on which the digital signature is generated (a remote attack is not ruled out, but it is very complex and requires a large volume of data for analysis, so it can be considered unlikely). The tools used in the attack are available for download.

Despite the small size of the leak, for ECDSA the detection of even a few bits of information about the initialisation vector (nonce) is enough to mount an attack that recovers the entire private key. According to the authors of the method, analysing several hundred to several thousand digital signatures generated over messages known to the attacker is sufficient to recover the key. For example, 11 thousand digital signatures were analysed using the secp256r1 elliptic curve to determine the private key used on an Athena IDProtect smart card based on the Inside Secure AT90SC chip. The total attack time was 30 minutes.
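The two paragraphs above describe the root cause (the number of loop iterations in scalar multiplication depends on the bit length of the nonce) and why it matters (a few leaked nonce bits per signature are enough to recover the key). The following is an added example, not code from the researchers, opennet.ru or any of the libraries named on the page. It models the leak on a constructed toy curve over F_97 and counts group operations as a stand-in for execution time: the naive double-and-add loop performs one iteration per bit of the scalar, so the operation count reveals how many leading zero bits the nonce has, while a fixed-width ladder with an always-executed addition and a constant-time-style selection performs the same amount of work for every scalar.

```python
# Added example: timing leak of nonce bit length in scalar multiplication,
# and a fixed-width variant that removes it.
# Constructed toy curve y^2 = x^3 + 2x + 3 over F_97 with base point G = (3, 6);
# this is NOT a real curve and the parameters are chosen only for illustration.
P = 97
A = 2
B = 3
G = (3, 6)
SCALAR_BITS = 8  # fixed scalar width the hardened loop always walks (assumed for the toy curve)

# Points are (x, y) tuples; None is the point at infinity.

def point_add(p1, p2):
    """Affine point addition (handles doubling and the point at infinity)."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # P + (-P) = infinity
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def naive_scalar_mul(k, pt):
    """Left-to-right double-and-add whose iteration count equals k.bit_length().

    Returns (k*pt, ops) where ops counts group operations performed; it stands in
    for the execution time an attacker would measure. Because the loop runs once
    per bit of k, ops reveals the bit length of k, i.e. how many leading zero bits
    the scalar has. This is the class of leak the text attributes to Minerva.
    """
    result = None
    ops = 0
    for bit in bin(k)[2:]:
        result = point_add(result, result)
        ops += 1
        if bit == "1":
            result = point_add(result, pt)
            ops += 1
    return result, ops


def hardened_scalar_mul(k, pt):
    """Fixed-width ladder: always SCALAR_BITS doublings and SCALAR_BITS additions.

    The addition is computed unconditionally and the result selected afterwards,
    so the operation count no longer depends on k. (A production implementation
    would additionally need constant-time field arithmetic and selection; this
    only models the control-flow fix that the mitigation describes.)
    """
    result = None
    ops = 0
    for i in range(SCALAR_BITS - 1, -1, -1):
        result = point_add(result, result)
        ops += 1
        candidate = point_add(result, pt)
        ops += 1
        bit = (k >> i) & 1
        result = (result, candidate)[bit]
    return result, ops


def leaked_leading_zero_bits(k):
    """Bits of the nonce an observer learns from the naive loop's timing."""
    _, ops = naive_scalar_mul(k, G)
    # ops = bit_length(k) + popcount(k); the dominant, length-dependent term is the
    # iteration count, which is what bit_length exposes.
    return SCALAR_BITS - k.bit_length()


if __name__ == "__main__":
    for k in (1, 5, 127, 128, 255):
        r1, ops_naive = naive_scalar_mul(k, G)
        r2, ops_fixed = hardened_scalar_mul(k, G)
        assert r1 == r2
        print(f"k={k:3d} naive ops={ops_naive:2d} fixed ops={ops_fixed:2d} "
              f"leading zero bits leaked by naive loop={leaked_leading_zero_bits(k)}")
```

The naive loop's operation count for k=1 is 2 and for k=128 it is 9, while the hardened loop always performs 16 operations on this 8-bit toy curve; both paths compute the same point for every scalar. The same control-flow dependency is what the bit-length leak in the affected libraries comes down to, and making the loop independent of the scalar's length is the core of the fix.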

Source: opennet.ru
