[openssl-users] Clarification regarding CVE-2016-2178 for openssl 1.0.2 i and 1.0.2 j

Sanjaya Joshi joshi.sanjaya at gmail.com
Tue Oct 25 08:01:14 UTC 2016


In openssl1.0.2i, the release note says, there is a fix for CVE-2016-2178:

  *) Constant time flag not preserved in DSA signing

     Operations in the DSA signing algorithm should run in constant time in
     order to avoid side channel attacks. A flaw in the OpenSSL DSA
     implementation means that a non-constant time codepath is followed for
     certain operations. This has been demonstrated through a cache-timing
     attack to be sufficient for an attacker to recover the private DSA key.

     This issue was reported by César Pereida (Aalto University), Billy
     (Tampere University of Technology), and Yuval Yarom (The University of
     Adelaide and NICTA).
     [César Pereida]

And the related code diff in git is:

But when i download the source code (1.0.2i and 1.0.2j), i cannot see those

Could you please clarify a bit about this. Is this intended or i just need
to apply the patches myself ?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161025/bd674e76/attachment.html>

More information about the openssl-users mailing list