Cryptlib Information for VU#845620
Multiple RSA implementations fail to properly handle signatures
- Date Notified: 06 Sep 2006
- Statement Date:
- Date Updated: 18 Sep 2006
Unknown. If you are the vendor named above, please contact us to update your status.
Although cryptlib shouldn't be vulnerable to the original Bleichenbacher attack, there is ongoing discussion about further attacks that affect any RSA keys with e=3. Because the security community currently doesn't know how serious the problem is, cryptlib users should disable the use of any RSA keys with e=3 by changing the check 'if( BN_get_word( e ) < 3 )' in initCheckRSAkey() in context/kg_rsa.c to 'if( BN_get_word( e ) < 17 )'. Note that this will disable the use of a small number of existing keys that use e=3 (although cryptlib itself will never generate or use private keys with this value), but until the exact nature of the problem is fully understood this is the only safe fix.
The vendor has not provided us with any further information regarding this vulnerability.
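To find which existing keys the raised threshold would reject, the same e < 17 test can be applied to stored public keys before the change is deployed. The following is an added example, not cryptlib code: it assumes keys are available as DER-encoded PKCS #1 RSAPublicKey structures, and the function names and sample byte strings are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MIN_PUBLIC_EXPONENT 17u   /* threshold from the vendor statement */

/* Constructed toy RSAPublicKey blobs (3-byte modulus, not real keys). */
static const uint8_t KEY_E3[]     = {0x30,0x08,0x02,0x03,0x00,0xC7,0x0D,0x02,0x01,0x03};
static const uint8_t KEY_E17[]    = {0x30,0x08,0x02,0x03,0x00,0xC7,0x0D,0x02,0x01,0x11};
static const uint8_t KEY_E65537[] = {0x30,0x0A,0x02,0x03,0x00,0xC7,0x0D,0x02,0x03,0x01,0x00,0x01};

/* Check a DER tag at *pos, decode its length, leave *pos at the content.
   Returns the content length, or -1 if the header is malformed or truncated. */
static long der_header(const uint8_t *buf, size_t len, size_t *pos, uint8_t tag)
{
    if (len < 2 || *pos > len - 2 || buf[*pos] != tag) return -1;
    size_t n = buf[*pos + 1];
    *pos += 2;
    if (n & 0x80) {                      /* long form: low 7 bits = length byte count */
        size_t cnt = n & 0x7f;
        if (cnt == 0 || cnt > 4 || cnt > len - *pos) return -1;
        for (n = 0; cnt > 0; cnt--) n = (n << 8) | buf[(*pos)++];
    }
    return n > len - *pos ? -1 : (long)n;
}

/* 1 = exponent passes the raised check, 0 = rejected (e < 17), -1 = malformed. */
int rsa_pubkey_exponent_ok(const uint8_t *der, size_t len)
{
    size_t pos = 0; long n;
    if (der_header(der, len, &pos, 0x30) < 0) return -1;          /* SEQUENCE */
    if ((n = der_header(der, len, &pos, 0x02)) < 1) return -1;    /* modulus */
    pos += (size_t)n;
    if ((n = der_header(der, len, &pos, 0x02)) < 1) return -1;    /* publicExponent */
    if (der[pos] & 0x80) return -1;                               /* negative value */
    while (n > 1 && der[pos] == 0) { pos++; n--; }                /* leading zeros */
    if (n > 8) return 1;                      /* wider than 64 bits, so well above 17 */
    uint64_t e = 0;
    while (n-- > 0) e = (e << 8) | der[pos++];
    return e >= MIN_PUBLIC_EXPONENT;
}

int main(void)
{
    printf("e=3: %d  e=17: %d  e=65537: %d\n", rsa_pubkey_exponent_ok(KEY_E3, sizeof KEY_E3),
           rsa_pubkey_exponent_ok(KEY_E17, sizeof KEY_E17),
           rsa_pubkey_exponent_ok(KEY_E65537, sizeof KEY_E65537));
    return 0;
}
```

Keys wrapped in X.509 SubjectPublicKeyInfo or PEM need to be unwrapped to the inner RSAPublicKey before being passed to this check.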
There are no additional comments at this time.