OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2003-03-18T05:00:00
Updated: 2018-10-19T14:57:01
Reserved: 2003-03-14T00:00:00
Link: CVE-2003-0147
JSON object: View
NVD Information
Status : Modified
Published: 2003-03-31T05:00:00.000
Modified: 2018-10-19T15:29:26.540
Link: CVE-2003-0147
JSON object: View
Redhat Information
No data.
CWE