搜索结果: 1-6 共查到“密码学 OpenSSL”相关记录6条 . 查询时间(0.062 秒)
Degenerate Fault Attacks on Elliptic Curve Parameters in OpenSSL
OpenSSL Elliptic curve cryptography Invalid curve attack
2019/4/22
In this paper, we describe several practically exploitable fault attacks against OpenSSL's implementation of elliptic curve cryptography, related to the singular curve point decompression attacks of B...
In this work we demonstrate various weaknesses of the random
number generator (RNG) in the OpenSSL cryptographic library. We
show how OpenSSL’s RNG, knowingly in a low entropy state, potentially
le...
CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
side-channel attacks cache attacks cryptographic implementations
2016/3/2
The scatter-gather technique is a commonly-implemented approach to
prevent cache-based timing attacks. In this paper we show that scatter-gather is
not constant-time. We implement a cache timing att...
Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack
Side Channel Attack Cache ECDSA
2016/1/25
We illustrate a vulnerability introduced to elliptic curve cryptographic protocols when implemented using a function of the OpenSSL cryptographic library. For the given implementation using an ellipti...
Timing and Lattice Attacks on a Remote ECDSA OpenSSL Server: How Practical Are They Really?
DSA ECDSA Timing Attacks
2015/12/23
In 2011, B.B.Brumley and N.Tuveri found a remote timing attack
on OpenSSL’s ECDSA implementation for binary curves. We will
study if the title of their paper was indeed relevant (Remote Timing
Atta...
New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures
Side channel attacks branch prediction attacks cache eviction attacks Binary Extended Euclidean Algorithm
2008/9/17
Software based side-channel attacks allow an unprivileged spy process to extract secret information from a victim (cryptosystem) process by exploiting some indirect leakage of “side-channel” informati...