PT-2020-12433 · Arm · Arm Mbed TLS
Published 2018-03-26 · Updated 2023-03-03
CVE-2020-10932
CVSS v3.1: 4.7 (Medium)
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Arm Mbed TLS versions 2.16.6 and earlier
Arm Mbed TLS versions 2.7.x through 2.7.14
Description
An issue was discovered in Arm Mbed TLS that allows an attacker to recover the long-term ECDSA private key. The attacker exploits side channels in the conversion of elliptic-curve points to affine coordinates, applies the attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar (nonce) per signature, and then uses a lattice attack on the collected partial nonces to recover the long-term ECDSA private key. This typically requires sufficient access to observe the side channel, such as when attacking an SGX enclave while controlling the untrusted OS.
Recommendations
For Arm Mbed TLS versions 2.16.6 and earlier, update to version 2.16.6 or later.
For Arm Mbed TLS versions 2.7.x through 2.7.14, update to version 2.7.15 or later.
Fix
Side Channel Attack
Use of a Broken Cryptographic Algorithm
Related Identifiers
Affected Products
Alt Linux
Arm Mbed TLS
Astra Linux
Suse