Security: OpenSSL Vulnerable to Forged Signatures

by on September 10, 2006 · 0 comments· Last updated September 10, 2006

OpenSSL is an open source implementation of the SSL and TLS protocols.

Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. If an RSA key with exponent 3 is used it may be possible to forge a PKCS #1 v1.5 signature signed by that key. Implementations may incorrectly verify the certificate if they are not checking for excess data in the RSA exponentiation result of the signature.

Since there are CAs using exponent 3 in wide use, and PKCS #1 v1.5 is used in X.509 certificates, all software that uses OpenSSL to verify X.509 certificates is potentially vulnerable, as well as any other use of PKCS #1 v1.5. This includes software that uses OpenSSL for SSL or TLS.

NOTE: OpenSSL versions up to 0.9.7j and 0.9.8b are affected.

=> Upgrade your OpenSSL

=> More about the signature forgery technique



You should follow me on twitter here or grab rss feed to keep track of new changes.

Featured Articles:

{ 0 comments… add one now }

Leave a Comment

You can use these HTML tags and attributes for your code and commands: <strong> <em> <ol> <li> <u> <ul> <blockquote> <pre> <a href="" title="">
What is 15 + 8 ?
Please leave these two fields as-is:
Solve the simple math so we know that you are a human and not a bot.



Previous post:

Next post: