10 matches found
CVE-2017-13096
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases,...
Design/Logic Flaw
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases,...
CVE-2017-13096
CVE-2017-13096 concerns the IEEE P1735 standard where the Rights Block (RSA-encrypted AES key) can be modified to remove or relax access control. The connected sources document a cryptographic design flaw that enables an attacker with access to EDA tools or to the standard’s workflow to alter rig...
CVE-2017-13092
CVE-2017-13092 involves the IEEE P1735 standard and a flaw in hardware description language (HDL) syntax that can allow an electronic design automation (EDA) tool to act as a decryption oracle. The vulnerability enables recovery of plaintext IP from encrypted designs and may enable insertion of h...
CVE-2017-13091 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in t...
CVE-2017-13093 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of encrypted IP cyphertext to insert hardware trojans
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases...
CVE-2017-13096 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases,...
CVE-2017-13094 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most...
CVE-2017-13091
CVE-2017-13091 concerns the IEEE P1735 standard’s handling of encryption for electronic-design IP. The issue arises from improperly specified padding in CBC mode, which can enable an EDA tool to function as a decryption oracle and, in the worst cases, allow recovery of the entire underlying plain...
CVE-2017-13094
The CVE-2017-13094 entry concerns flaws in the IEEE P1735 cryptographic workflow for encrypting electronic-design IP. The available documents describe that the standard enables manipulation of the encryption key and insertion of hardware trojans into IP, potentially allowing an attacker to recove...