• openssl-3.2.2-1.el9
    • None
    • None
    • ZStream
    • 2
    • sst_security_crypto
    • ssg_security
    • 28
    • 0.5
    • QE ack, Dev ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto24Q2, Crypto24Q3
    • Approved Blocker
    • Hide

      AC1) x86_64: no side channel detected when tested with precision smaller than 1ns (95% CI) using 3 curves, 4 highest bit sizes for each curve in default openssl and openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag (deterministic and non-deterministic ECDSA)

      AC2) x86_64: sanity no side channel detected when tested with precision smaller than 10ns (95% CI) using 3 curves, 4 highest bit sizes for each curve in openssl using ECDSA_sign_ex function

      AC3) x86_64: on P-521 no side channel detected in step from 512 to 513 when tested with precision smaller than 5ns (95% CI) in default openssl and openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag

      AC4) aarch64 and ppc64le: sanity that the side channel is decreased in 3 curves in default openssl, openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag and using ECDSA_sign_ex function

      AC5) s390x: sanity check on just a hundred CPU-hours

      Show
      AC1) x86_64: no side channel detected when tested with precision smaller than 1ns (95% CI) using 3 curves, 4 highest bit sizes for each curve in default openssl and openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag (deterministic and non-deterministic ECDSA) AC2) x86_64: sanity no side channel detected when tested with precision smaller than 10ns (95% CI) using 3 curves, 4 highest bit sizes for each curve in openssl using ECDSA_sign_ex function AC3) x86_64: on P-521 no side channel detected in step from 512 to 513 when tested with precision smaller than 5ns (95% CI) in default openssl and openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag AC4) aarch64 and ppc64le: sanity that the side channel is decreased in 3 curves in default openssl, openssl with OSSL_SIGNATURE_PARAM_NONCE_TYPE flag and using ECDSA_sign_ex function AC5) s390x: sanity check on just a hundred CPU-hours
    • Pass
    • Not Needed
    • Automated
    • Bug Fix
    • Hide
      .Non-constant time code paths removed from OpenSSL EC signatures

      Previously, OpenSSL used non-constant time code paths for Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. This could have exposed the signature operations to attacks similar to the Minerva attack and potentially reveal the private key. This update removes non-constant time code paths in OpenSSL EC signatures, and as a result, this vulnerability is no longer present.
      Show
      .Non-constant time code paths removed from OpenSSL EC signatures Previously, OpenSSL used non-constant time code paths for Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. This could have exposed the signature operations to attacks similar to the Minerva attack and potentially reveal the private key. This update removes non-constant time code paths in OpenSSL EC signatures, and as a result, this vulnerability is no longer present.
    • Done
    • None

      Fix Minerva attack for OpenSSL 3.2.1
      https://github.com/openssl/openssl/pull/24317

        1. results-openssl-NIST256p-aarch64-3.2.2-3.el9-deterministic.txz
          24.79 MB
          George Pantelakis
        2. results-openssl-NIST256p-aarch64-3.2.2-3.el9-no-digest.txz
          14.21 MB
          George Pantelakis
        3. results-openssl-NIST256p-aarch64-3.2.2-3.el9-non-deterministic.txz
          14.14 MB
          George Pantelakis
        4. results-openssl-NIST256p-ppc64le-3.2.2-3.el9-deterministic.txz
          28.82 MB
          George Pantelakis
        5. results-openssl-NIST256p-ppc64le-3.2.2-3.el9-no-digest.txz
          22.96 MB
          George Pantelakis
        6. results-openssl-NIST256p-ppc64le-3.2.2-3.el9-non-deterministic.txz
          23.91 MB
          George Pantelakis
        7. results-openssl-NIST256p-x86_64-3.2.2-3.el9-deterministic.txz
          34.03 MB
          George Pantelakis
        8. results-openssl-NIST256p-x86_64-3.2.2-3.el9-no-digest.txz
          30.43 MB
          George Pantelakis
        9. results-openssl-NIST256p-x86_64-3.2.2-3.el9-non-deterministic.txz
          30.84 MB
          George Pantelakis
        10. results-openssl-NIST384p-aarch64-3.2.2-3.el9-deterministic.txz
          18.04 MB
          George Pantelakis
        11. results-openssl-NIST384p-aarch64-3.2.2-3.el9-no-digest.txz
          16.38 MB
          George Pantelakis
        12. results-openssl-NIST384p-aarch64-3.2.2-3.el9-non-deterministic.txz
          21.69 MB
          George Pantelakis
        13. results-openssl-NIST384p-ppc64le-3.2.2-3.el9-deterministic.txz
          30.86 MB
          George Pantelakis
        14. results-openssl-NIST384p-ppc64le-3.2.2-3.el9-no-digest.txz
          31.63 MB
          George Pantelakis
        15. results-openssl-NIST384p-ppc64le-3.2.2-3.el9-non-deterministic.txz
          26.82 MB
          George Pantelakis
        16. results-openssl-NIST384p-x86_64-3.2.2-3.el9-deterministic.txz
          38.31 MB
          George Pantelakis
        17. results-openssl-NIST384p-x86_64-3.2.2-3.el9-no-digest.txz
          38.87 MB
          George Pantelakis
        18. results-openssl-NIST384p-x86_64-3.2.2-3.el9-non-deterministic.txz
          38.83 MB
          George Pantelakis
        19. results-openssl-NIST521p-aarch64-3.2.2-3.el9-deterministic.txz
          18.98 MB
          George Pantelakis
        20. results-openssl-NIST521p-aarch64-3.2.2-3.el9-no-digest.txz
          16.68 MB
          George Pantelakis
        21. results-openssl-NIST521p-aarch64-3.2.2-3.el9-non-deterministic.txz
          24.39 MB
          George Pantelakis
        22. results-openssl-NIST521p-ppc64le-3.2.2-3.el9-deterministic.txz
          28.94 MB
          George Pantelakis
        23. results-openssl-NIST521p-ppc64le-3.2.2-3.el9-no-digest.txz
          26.33 MB
          George Pantelakis
        24. results-openssl-NIST521p-ppc64le-3.2.2-3.el9-non-deterministic.txz
          32.61 MB
          George Pantelakis
        25. results-openssl-NIST521p-x86_64-3.2.2-3.el9-deterministic.txz
          35.07 MB
          George Pantelakis
        26. results-openssl-NIST521p-x86_64-3.2.2-3.el9-no-digest.txz
          33.90 MB
          George Pantelakis
        27. results-openssl-NIST521p-x86_64-3.2.2-3.el9-non-deterministic.txz
          35.09 MB
          George Pantelakis

              dbelyavs@redhat.com Dmitry Belyavskiy
              dbelyavs@redhat.com Dmitry Belyavskiy
              Dmitry Belyavskiy Dmitry Belyavskiy
              George Pantelakis George Pantelakis
              Jan Fiala Jan Fiala
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: