4 matches found
crystals-go vulnerable to KyberSlash (timing side-channel attack for Kyber)
Impact On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn parts of the secret key. Patches Patched in https://github.com/kudelskisecurity/crystals-go/pull/21 Note This library was written as part of a MsC student project in the...
GHSA-F6JH-HVG2-9525 crystals-go vulnerable to KyberSlash (timing side-channel attack for Kyber)
Impact On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn parts of the secret key. Patches Patched in https://github.com/kudelskisecurity/crystals-go/pull/21 Note This library was written as part of a MsC student project in the...
PoC Exploits Published For Microsoft Crypto Bug
Two proof-of-concept PoC exploits have been publicly released for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft. The vulnerability CVE-2020-0601 could enable an attacker to spoof a code-signing certificate necessary for validati...
Modular Distributed Fingerprinting Engine: Scannerl
Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on...