OpenSSL weakness can expose sensitive information

A weakness has been reported in OpenSSL, which can be exploited by malicious people to disclose potentially sensitive information, according to Secunia.

The weakness is caused due to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) not properly preventing timing attacks, which can be exploited to e.g. disclose the private key of a TLS server using ECDSA signatures.

Solution: Use another signature algorithm.

For more information read the “Remote Timing Attacks are Still Practical” paper here.

This paper describes a timing attack vulnerability in OpenSSL’s ladder implementation for curves over binary fields. The authors use this vulnerability to steal the private key of a TLS server where the server authenticates with ECDSA signatures. Using the timing of the exchanged messages, the messages themselves, and the signatures, they mount a lattice attack that recovers the private key. Finally, the authors describe and implement an effective countermeasure.