Kmackay

Name of the Vulnerable Software and Affected Versions: micro-ecc library version 1.0 Description: The ECDSA operation of the micro-ecc library is susceptible to simple power analysis attacks. This allows an adversary to extract the private ECC key. Recommendations: For micro-ecc library version 1.0, consider implementing countermeasures to prevent simple power analysis attacks, such as using secure coding practices or adding noise to the power consumption patterns. At the moment, there is no information about a newer version that contains a fix for this vulnerability.