Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-38514

Fix Minerva for OpenSSL

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • rhel-9.5
    • rhel-9.5
    • openssl
    • openssl-3.2.2-1.el9
    • ZStream
    • 2
    • sst_security_crypto
    • ssg_security
    • 20
    • None
    • QE ack, Dev ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto24Q2, Crypto24Q3
    • Approved Blocker
    • Hide

      AC1) x86_64: no side channel detected when tested with precision smaller than 1ns (95% CI) using 3 curves, 4 highest bit sizes for each curve in default openssl and openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag (deterministic and non-deterministic ECDSA)

      AC2) x86_64: sanity no side channel detected when tested with precision smaller than 10ns (95% CI) using 3 curves, 4 highest bit sizes for each curve in openssl using ECDSA_sign_ex function

      AC3) x86_64: on P-521 no side channel detected in step from 512 to 513 when tested with precision smaller than 5ns (95% CI) in default openssl and openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag

      AC4) aarch64 and ppc64le: sanity that the side channel is decreased in 3 curves in default openssl, openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag and using ECDSA_sign_ex function

      AC5) s390x: sanity check on just a hundred CPU-hours

      Show
      AC1) x86_64: no side channel detected when tested with precision smaller than 1ns (95% CI) using 3 curves, 4 highest bit sizes for each curve in default openssl and openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag (deterministic and non-deterministic ECDSA) AC2) x86_64: sanity no side channel detected when tested with precision smaller than 10ns (95% CI) using 3 curves, 4 highest bit sizes for each curve in openssl using ECDSA_sign_ex function AC3) x86_64: on P-521 no side channel detected in step from 512 to 513 when tested with precision smaller than 5ns (95% CI) in default openssl and openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag AC4) aarch64 and ppc64le: sanity that the side channel is decreased in 3 curves in default openssl, openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag and using ECDSA_sign_ex function AC5) s390x: sanity check on just a hundred CPU-hours
    • Pass
    • Not Needed
    • Automated
    • Bug Fix
    • Hide
      Eliminated non-constant time code paths in OpenSSL EC signature
      Show
      Eliminated non-constant time code paths in OpenSSL EC signature
    • Proposed
    • None

      Fix Minerva attack for OpenSSL 3.2.1
      https://github.com/openssl/openssl/pull/24317

            dbelyavs@redhat.com Dmitry Belyavskiy
            dbelyavs@redhat.com Dmitry Belyavskiy
            Dmitry Belyavskiy Dmitry Belyavskiy
            George Pantelakis George Pantelakis
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated: