diff options
| -rw-r--r-- | ChangeLog.d/rsa-fix-priviliged-side-channel.txt | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ChangeLog.d/rsa-fix-priviliged-side-channel.txt b/ChangeLog.d/rsa-fix-priviliged-side-channel.txt new file mode 100644 index 0000000..d4ffa91 --- /dev/null +++ b/ChangeLog.d/rsa-fix-priviliged-side-channel.txt @@ -0,0 +1,8 @@ +Security + * An adversary with access to precise enough information about memory + accesses (typically, an untrusted operating system attacking a secure + enclave) could recover an RSA private key after observing the victim + performing a single private-key operation if the window size used for the + exponentiation was 3 or smaller. Found and reported by Zili KOU, + Wenjian HE, Sharad Sinha, and Wei ZHANG. + |