[ASA-201912-3] crypto++: private key recovery

Remi Gacogne rgacogne at archlinux.org
Wed Dec 11 08:49:03 UTC 2019


Arch Linux Security Advisory ASA-201912-3
=========================================

Severity: High
Date    : 2019-12-06
CVE-ID  : CVE-2019-14318
Package : crypto++
Type    : private key recovery
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1046

Summary
=======

The package crypto++ before version 8.2.0-2 is vulnerable to private
key recovery.

Resolution
==========

Upgrade to 8.2.0-2.

# pacman -Syu "crypto++>=8.2.0-2"

The problem has been fixed upstream but no release is available yet.

Workaround
==========

None.

Description
===========

A vulnerability has been found in the ECDSA/EdDSA implementation of
crypto++ up to 8.2.0, allowing for practical recovery of the long-term
private key.

Impact
======

An attacker might be able to recover long-term private key by measuring
the duration of hundreds to thousands of signing operations of known
messages.

References
==========

https://seclists.org/oss-sec/2019/q4/3
https://minerva.crocs.fi.muni.cz/
https://github.com/weidai11/cryptopp/issues/869
https://github.com/weidai11/cryptopp/pull/870/commits/80c59bcdb251043f27eef95a4f31224c4615c3ec
https://github.com/weidai11/cryptopp/commit/c9ef9420e762
https://security.archlinux.org/CVE-2019-14318

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20191211/687203d2/attachment.sig>


More information about the arch-security mailing list