CVE-2022-0778 - Impact of ECC cipher with valid server ECC certificate

Vipul Mehta vipulmehta.1989 at gmail.com
Sat Mar 26 07:02:03 UTC 2022


 Hello,

Our server does not consume any certificate from the client.
Client authentication or client certificate verification is disabled.
Server always has a valid ECC certificate.

BN_mod_sqrt() is not used anywhere in the server except by openssl.

If we consider ECDHE_ECDSA cipher based TLS handshake, then it is possible
that the client can send invalid public session key to the server causing
the vulnerability. Is this assumption correct ?

If yes, then I think disabling ECC cipher suites should prevent the
vulnerability if we don't want to upgrade openssl considering there is no
other cryptographic operation except w.r.t. TLS.

Regards,
Vipul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220326/b02e8de6/attachment.htm>


More information about the openssl-users mailing list