The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suites, does not implement scalar multiplication on curves over binary fields (GF(2^m)) in constant time: the running time of its Montgomery ladder depends on the bit length of the per-signature nonce. A remote attacker who times many TLS handshakes can therefore identify the signatures whose nonces have leading zero bits and recover the server's private key from them with a lattice calculation. This is the attack described by Brumley and Tuveri in "Remote Timing Attacks are Still Practical" (IACR ePrint 2011/232, listed in the references below).
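The following is an added illustration of the leak and of the scalar-padding countermeasure; it is not OpenSSL's code. It assumes a prime-field curve (secp256k1, whose parameters are well known) in place of the GF(2^m) curves the entry concerns, because the leak lives in the ladder loop rather than in the field arithmetic, and it uses the loop's iteration count as a stand-in for measured time. The `pad_scalar` routine is the standard way of forcing a fixed number of ladder steps; it is written here as a general countermeasure and is not a copy of OpenSSL's patch.

```python
"""
Added illustration (not OpenSSL code): a Montgomery ladder that starts at the
scalar's top set bit leaks the bit length of an ECDSA nonce through its running
time; padding the scalar with the group order removes the leak.

Assumptions: secp256k1 (a prime-field curve) stands in for the GF(2^m) curves
of the CVE, and loop iterations stand in for measured time.
"""

# secp256k1 domain parameters (well-known constants; b = 7 is not needed below).
p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
a = 0
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

INF = None  # point at infinity


def ec_add(P, Q):
    """Affine addition on y^2 = x^3 + a*x + b over GF(p); handles P == Q and P == -Q."""
    if P is INF:
        return Q
    if Q is INF:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:
        if (y1 + y2) % p == 0:          # Q == -P (or y == 0): result is the identity
            return INF
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p   # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p          # chord slope
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)


def ec_double(P):
    return ec_add(P, P)


def ladder(k, P):
    """Montgomery ladder that starts at the top set bit of k (the pre-fix behaviour).

    Returns (k*P, iterations).  iterations == k.bit_length() - 1, so the running
    time reveals how many leading zero bits the scalar (the ECDSA nonce) has.
    """
    assert k >= 1
    R0, R1 = P, ec_double(P)            # invariant: R1 == R0 + P
    iterations = 0
    for i in range(k.bit_length() - 2, -1, -1):
        if (k >> i) & 1:
            R0, R1 = ec_add(R0, R1), ec_double(R1)
        else:
            R0, R1 = ec_double(R0), ec_add(R0, R1)
        iterations += 1
    return R0, iterations


def pad_scalar(k, order):
    """Return k' == k (mod order) with exactly order.bit_length() + 1 bits.

    order*P is the identity, so k'*P == k*P, but the ladder now always runs
    order.bit_length() iterations whatever k is.  Standard countermeasure
    (assumption: written for illustration, not copied from OpenSSL's patch).
    """
    kp = k + order
    if kp.bit_length() != order.bit_length() + 1:
        kp += order                     # k + order was too short; k + 2*order never is
    return kp


def ladder_fixed(k, P, order=n):
    return ladder(pad_scalar(k, order), P)


def leaked_nonce_bits(iterations):
    """What a timing attacker infers from the vulnerable ladder: the nonce's bit length."""
    return iterations + 1


def observed_iteration_counts(nonces, fixed):
    """Distinct 'timings' an attacker sees across many signatures."""
    mul = ladder_fixed if fixed else ladder
    return sorted({mul(k, G)[1] for k in nonces})


if __name__ == "__main__":
    import random
    rng = random.Random(2011)                      # constructed sample nonces
    nonces = [rng.randrange(1, n) for _ in range(16)] + [n >> 8, n >> 64]
    print("vulnerable ladder step counts:", observed_iteration_counts(nonces, fixed=False))
    print("padded ladder step counts:    ", observed_iteration_counts(nonces, fixed=True))
    for k in (n >> 8, n >> 64):
        steps = ladder(k, G)[1]
        print(f"{k.bit_length()}-bit nonce took {steps} steps: attacker learns "
              f"a {leaked_nonce_bits(steps)}-bit nonce")
        assert ladder(k, G)[0] == ladder_fixed(k, G)[0]
```

Running it shows the vulnerable ladder's step count tracking the nonce's bit length (the short constructed nonces stand out immediately), while the padded ladder reports the same count for every nonce. The lattice step that turns a batch of short-nonce signatures into the private key is not shown here; it needs an LLL implementation and is described in the ePrint paper referenced below.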
Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. If not addressed, the weaknesses in this category can degrade the confidentiality or integrity of the data being protected.
| Link | Tags |
|---|---|
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:136 | vendor advisory |
| http://www.kb.cert.org/vuls/id/MAPG-8FENZ3 | us government resource |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:137 | vendor advisory |
| http://www.debian.org/security/2011/dsa-2309 | vendor advisory |
| http://support.apple.com/kb/HT5784 | |
| http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html | vendor advisory |
| https://hermes.opensuse.org/messages/8760466 | vendor advisory |
| http://www.kb.cert.org/vuls/id/536044 | third party advisory, us government resource |
| https://hermes.opensuse.org/messages/8764170 | vendor advisory |
| http://secunia.com/advisories/44935 | third party advisory |
| http://eprint.iacr.org/2011/232.pdf | exploit |