SUSE CVE-2017-15361

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module TPM firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various...

ROCA - Vulnerable RSA Generation: HP Trusted Platform Module (TPM) Accessory and Certain HP Enterprise Printer and MFP Products, Certain HP PageWide Printer and MFP Products with Standard TPM

A potential security vulnerability known as “ROCA: Vulnerable RSA Generation” has been identified with the RSA keys generated by the HP Trusted Platform Module TPM Accessory and printers equipped with a TPM. This vulnerability could potentially be exploited remotely to allow remote disclosure of...

How to try to predict the output of Micali-Schnorr Generator (MS-DRBG) knowing the factorization. Part II

See also Part I and Part III of this series tl;dr In the previous article of the same series we tried to predict the output of Micali-Schnorr Generator MS-DRBG knowing the factorization. In this blog post we continue the effort started in part I showing different strategies. If you want to skip a...

rsa-vuln-roca NSE Script

Detects RSA keys vulnerable to Return Of Coppersmith Attack ROCA factorization. SSH hostkeys and SSL/TLS certificates are checked. The checks require recent updates to the openssl NSE library. References: See also: ssl-cert.nse ssh-hostkey.nse Script Arguments mssql.domain, mssql.instance-all,...

CVE-2017-15361

The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module TPM firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various...