23 matches found
EUVD-2017-16756
Malware in sbrugna...
CVE-2024-26317
In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of POINTATINFINITY when it should not. A man-in-the-middle attacker could use this to interfere with a connection...
Low Latency FPGA Implementation of Twisted Edward Curve Cryptography Hardware Accelerator over Prime Field
The performance of any elliptic curve cryptography hardware accelerator significantly relies on the efficiency of the underlying point multiplication PM architecture. This article presents a hardware implementation of field-programmable gate array FPGA based modular arithmetic, group operation, a...
illumos-gate security vulnerability
illumos-gate is an open source Unix operating system from illumos open source. A security vulnerability exists in illumos-gate, which stems from an error in the elliptic curve point addition algorithm using mixed Jacobi affine coordinates, causing an attacked party to compute the wrong shared key...
Information Disclosure Through Timing Attack
mdanter/ecc is vulnerable to Sensitive Information Disclosure. The vulnerability is due to computing point addition in a non constant time, which allows an attacker to deduce the private key by comparing the time it takes to compute each point addition...
CVE-2024-33851
phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point addition. This is related to phpecc/phpecc on GitHub, and the Matyas Danter ECC library...
CVE-2024-33851
The CVE-2024-33851 issue concerns phpecc (paragonie/phpecc) and related libraries (mdanter/ecc, paragonie/ecc). The root cause is a branch-based timing leak in Point addition, causing a timing side-channel that can reveal sensitive information. Affected software includes phpecc/phpecc (and all ve...
PT-2024-25510 · Phpecc +1 · Phpecc +2
Name of the Vulnerable Software and Affected Versions: phpecc versions prior to 2.0.1 paragonie/ecc versions prior to 2.0.1 mdanter/ecc all versions Description: The issue is a branch-based timing leak in Point addition. This leak is related to the phpecc/phpecc library on GitHub and the Matyas...
phpecc security vulnerability
phpecc is a pure PHP elliptic curve cryptography library open-sourced by Paragon Initiative Enterprises. A security vulnerability exists in phpecc versions prior to 2.0.1, which stems from a branch-based timing leak in Point addition...
mdanter/ecc affected by timing vulnerability in cryptographic side-channels
phpecc, as used in all versions of mdanter/ecc, as well as paragonie/ecc before 2.0.1, has a branch-based timing leak in Point addition. This Composer package is also known as phpecc/phpecc on GitHub, previously known as the Matyas Danter ECC library. Paragon Initiative Enterprises hard-forked...
SUSE CVE-2017-7781
An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINTATINFINITY" when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an...
Information Disclosure
firefox is vulnerable to information disclosure. The vulnerability exists as an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINTATINFINITY" when it should not...
CVE-2017-7781
An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINTATINFINITY" when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an...
CVE-2017-7781
CVE-2017-7781 affects Firefox before 55 due to an error in the elliptic-curve point addition using mixed Jacobian-affine coordinates, which can yield a spuriously computed POINT_AT_INFINITY. This could let a man-in-the-middle attacker interfere with a connection and cause the affected party to co...
UBUNTU-CVE-2017-7781
An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINTATINFINITY" when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an...