Clarifications on RSA timing attack CVE-2022-4304

Girish Yerra yerracs86 at gmail.com
Sat Mar 11 03:10:58 UTC 2023


Hi All,
I am not sure if this is the right forum to discuss the aspects of the CVE.
Feel free to close this and point me to the right forum.

I am looking for some more specific details on the attack description. I am
mainly looking for some of the details and clarifications.

1. For timing attacks the popular counter measure is to apply blinding
which makes it timing resistant. Does this countermeasure fail in this case?
2. What is the order of the trials that an attacker requires to mount this
attack ?

Please share any reference paper giving more details of this attack.

Thanks,
Girish
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230310/5c925605/attachment.htm>


More information about the openssl-users mailing list