From cdfd73aa7fe2b8f533fe4508b898957dc5823a20 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 25 Jun 2021 13:43:59 +0100 Subject: [PATCH] Add ChangeLog entry Signed-off-by: Janos Follath --- ChangeLog.d/reject-low-order-points-early.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/reject-low-order-points-early.txt diff --git a/ChangeLog.d/reject-low-order-points-early.txt b/ChangeLog.d/reject-low-order-points-early.txt new file mode 100644 index 000000000..eb735697a --- /dev/null +++ b/ChangeLog.d/reject-low-order-points-early.txt @@ -0,0 +1,6 @@ +Security + * An adversary with access to precise enough timing information (typically, a + co-located process) could recover a Curve25519 or Curve448 static ECDH key + after inputting a chosen public key and observing the victim performing the + corresponding private-key operation. Found and reported by Leila Batina, + Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe.