4 matches found
CVE-2026-49440
Summary: CVE-2026-49440 affects Deno’s crypto.primality tests when using default options (checks=0) for checkPrime/checkPrimeSync, causing some composites to be reported as prime due to zero Miller-Rabin rounds. This occurs in the node:crypto path and related op_node_check_prime implementations; ...
GHSA-9XG4-QHM4-G43W Deno: Miller-Rabin Primality Test Allows Zero Rounds
Summary node:crypto.checkPrimecandidate, options, callback and crypto.checkPrimeSynccandidate, options ran no Miller-Rabin rounds at all when the caller left options.checks at its default of 0. In that mode, the only test applied to the candidate was trial division by the primes up to 17,863. Any...
Benchmarking RSA Key Generation
RSA key generation is both conceptually simple, and one of the worst implementation tasks of the field of cryptography engineering. Even benchmarking it is tricky, and involves some math: here’s how we generated a stable but representative “average case” instead of using the ordinary statistical...
bouncycastle: flaw in the low-level interface to RSA key pair generator
A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...