3 matches found
CVE-2017-13095
CVE-2017-13095 is a vulnerability in the IEEE P1735 encryption workflow where an attacker can modify a license-deny response to a license grant (or vice versa) within the EDA/tooling workflow. The connected sources describe this as part of the P1735 weaknesses that can enable IP theft or the inse...
CVE-2017-13095 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable...
US-CERT Warns of Crypto Bugs in IEEE Standard
Recent academic work focused on weak cryptographic protections in the implementation of the IEEE P1735 standard has been escalated to an alert published Friday by the Department of Homeland Security. DHS’ US-CERT warned the IEEE P1735 standard for encrypting electronic-design intellectual propert...