[openssl-dev] Need CVE-2015-3193 impact explained
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Dec 7 09:59:43 UTC 2015
On Mon, Dec 07, 2015 at 10:53:15AM +0100, Leif Thuresson wrote:

> The description of CVE-2015-3193 in 2015-12-04 security advisory
> states that EC algorithms are not affected, but attacks against DH are
> considered feasible.

DH as distinct from ECDH. The issue affects modular exponentiation
which is used in RSA and (finite-field) DH, but not ECDSA or ECDH.

> Not being a cryptographer that leaves me a bit confused.
> Are applications supporting cipher suites with ECDHE- variants vulnerable?

Only to the extent that they are already vulnerable as a result of
using RSA certificates to sign the key exchange parameters. The
key exchange itself is not.

--
Viktor.
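
Added example, not part of the original message and not OpenSSL code: a small parser for pre-TLS 1.3 OpenSSL cipher suite names that applies the distinction drawn in the reply, reporting whether a suite's key exchange and its authentication rely on modular exponentiation (RSA, finite-field DH) or on elliptic-curve operations. The function names and the sample list are constructed; DSS, PSK, SRP and TLS 1.3 names are outside what the reply covers and are rejected rather than guessed.

```python
# Added example (constructed, not OpenSSL code): where does a pre-TLS 1.3
# OpenSSL cipher suite name imply modular exponentiation (RSA, finite-field DH)?
KX = {"ECDHE": "ECDH", "ECDH": "ECDH", "AECDH": "ECDH",
      "DHE": "DH", "EDH": "DH", "DH": "DH", "ADH": "DH"}
ANON = {"ADH", "AECDH"}   # anonymous suites: no certificate key involved
AUTH = {"RSA", "ECDSA"}   # the two certificate key types the reply discusses
NOT_COVERED = {"PSK", "SRP", "RSA", "KRB5", "GOST94", "GOST2001"}
MODEXP = {"RSA", "DH"}    # per the reply: RSA and finite-field DH, not EC


def classify(name):
    """Return (key_exchange, authentication) for an OpenSSL suite name."""
    tokens = name.split("-")
    if tokens[0] == "EXP":            # export-grade prefix, e.g. EXP-EDH-RSA-...
        tokens = tokens[1:]
    head = tokens[0] if tokens else ""
    if not head or name.startswith("TLS_") or head in NOT_COVERED:
        raise ValueError(f"{name!r}: not covered by this sketch")
    if head in ANON:
        return KX[head], None
    if head in KX:
        if len(tokens) < 2 or tokens[1] not in AUTH:
            raise ValueError(f"{name!r}: authentication not covered")
        return KX[head], tokens[1]
    # No key-exchange prefix (AES128-SHA, DES-CBC3-SHA): RSA key transport
    # authenticated by the same RSA certificate key.
    return "RSA", "RSA"


def modexp_exposure(name):
    """Which parts of the handshake use modular exponentiation."""
    kx, auth = classify(name)
    return {"key_exchange": kx in MODEXP, "authentication": auth in MODEXP}


# Constructed sample of suite names, as `openssl ciphers` would list them.
SAMPLE = ["ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-GCM-SHA256",
          "DHE-RSA-AES256-SHA", "AES128-SHA", "ADH-AES128-SHA"]

if __name__ == "__main__":
    for suite in SAMPLE:
        print(f"{suite:32} {modexp_exposure(suite)}")
```
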