lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 13 Sep 2013 08:56:34 +0200
From: king cope <>
Subject: Re: OpenSSL,
 OpenSSH ecdsa authentication code inconsistent return values.. no

Georgi thanks for the pointer, though I guess points that are not on
the curve will be rejected in the case the curve is not user supplied.
If the curve is user supplied the authentication might succeed if this
case is not catched before.
Great work Georgi, always wanted to thank you ;-)

2013/9/13 Georgi Guninski <>:
> Didn't quite understood the checks, but here is an idea:
> If you can make a user supplied point NOT ON THE curve
> to be accepted as valid, this might break the other private
> key (basically it is working on another curve, leaking info
> about the private key).
> There is a document describing the exact attack,
> if you can do this check for a start:
> On Fri, Sep 13, 2013 at 08:11:47AM +0200, king cope wrote:
>> Hello lists,
>> Attached is the blog post for the mentioned issues that in its shape
>> are not a vulnerability, still interesting to see.
>> Cheers,
>> Kingcope
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter:
>> Hosted and sponsored by Secunia -

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists