5 matches found
CVE-2022-31021
Ursa is a cryptographic library for use with blockchains. A weakness in the Hyperledger AnonCreds specification that is not mitigated in the Ursa and AnonCreds implementations is that the Issuer does not publish a key correctness proof demonstrating that a generated private key is sufficient to...
Correctness of Extended RSA Public Key Cryptosystem
This paper proposes an alternative approach to formally establishing the correctness of the RSA public key cryptosystem. The methodology presented herein deviates slightly from conventional proofs found in existing literature. Specifically, this study explores the conditions under which the choic...
EUVD-2024-0224
Malicious code in bioql PyPI...
Design/Logic Flaw
Ursa is a cryptographic library for use with blockchains. A weakness in the Hyperledger AnonCreds specification that is not mitigated in the Ursa and AnonCreds implementations is that the Issuer does not publish a key correctness proof demonstrating that a generated private key is sufficient to...
CVE-2022-31021
CVE-2022-31021 concerns Ursa/AnonCreds CL-Signatures: a weakness where the issuer’s key correctness proof is not published, potentially enabling weakened private keys that could allow verifiers to link presentations to the issuer. The issue applies to the CL-Signatures implementations used in Urs...