Research output per year
Research output per year
Description
This document is for reproducing one of the research results from the manuscript "Set It and Forget It! Turnkey ECC for Instant Integration", to appear at the 2020 Annual Computer Security Applications Conference (ACSAC). This is one of the vulnerabilities included under ECCKAT, Section 3.4 ("OpenSSL: ECC CDH vulnerability").
It demonstrates bypassing Elliptic Curve Co-factor Diffie Hellman (ECC CDH) security, which should fail to derive a shared key if a peer point is not a multiple of the generator. Here the generator is for the NIST B-233 binary curve.
The vulnerability was in a development version of OpenSSL 1.1.1, fixed before the official release of OpenSSL 1.1.1 (Sep 2018).
It demonstrates bypassing Elliptic Curve Co-factor Diffie Hellman (ECC CDH) security, which should fail to derive a shared key if a peer point is not a multiple of the generator. Here the generator is for the NIST B-233 binary curve.
The vulnerability was in a development version of OpenSSL 1.1.1, fixed before the official release of OpenSSL 1.1.1 (Sep 2018).
| Date made available | 31 Aug 2020 |
|---|---|
| Date of data production | 2020 |
Field of science, Statistics Finland
- 213 Electronic, automation and communications engineering, electronics
Research output
- 1 Conference contribution
-
Set It and Forget It! Turnkey ECC for Instant Integration
Belyavsky, D., Brumley, B. B., Chi-Domínguez, J-J., Rivera-Zamarripa, L. & Ustinov, I., 2020, Annual Computer Security Applications Conference (ACSAC). ACM, p. 760-771 12 p. 3427291Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review
Open AccessFile9 Downloads (Pure)