#OpenSSL #Security #Patch available

#OpenSSL #Security #Patch available
Severity: High

Historically OpenSSL usually only ever generated DH parameters based on “safe”
primes. More recently (in version 1.0.2) support was provided for generating
X9.42 style parameter files such as those required for RFC 5114 support. The
primes used in such files may not be “safe”. Where an application is using DH
configured with parameters based on primes that are not “safe” then an attacker
could use this fact to find a peer’s private DH exponent. This attack requires
that the attacker complete multiple handshakes in which the peer uses the same
private DH exponent. For example this could be used to discover a TLS server’s
private DH exponent if it’s reusing the private DH exponent or it’s using a
static DH ciphersuite.
More information: https://s.ibscc.net/8TYp6

Share on telegram
Share on whatsapp
Share on facebook
Share on twitter
Share on linkedin
Share on email

internet business solutions