Cryptlib Information for VU#845620

Multiple RSA implementations fail to properly handle signatures

Status

Unknown. If you are the vendor named above, please contact us to update your status.

Vendor Statement

Although cryptlib shouldn't be vulnerable to the original Bleichenbacher attack, there is ongoing discussion about further attacks that affect any RSA keys with e=3. Because the security community currently doesn't know how serious the problem is, cryptlib users should disable the use of any RSA keys with e=3 by changing the check 'if( BN_get_word( e ) < 3 )' in initCheckRSAkey() in context/kg_rsa.c to 'if( BN_get_word( e ) < 17 )'. Note that this will disable the use of a small number of existing keys that use e=3 (although cryptlib itself will never generate or use private keys with this

value), but until the exact nature of the problem is fully understood this is the only safe fix.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.