mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-29 00:45:34 +00:00
8 lines
401 B
Plaintext
8 lines
401 B
Plaintext
|
Security
|
||
|
* Fix a potential side channel vulnerability in ECDSA ephemeral key generation.
|
||
|
An adversary who is capable of very precise timing measurements could
|
||
|
learn partial information about the leading bits of the nonce used for the
|
||
|
signature, allowing the recovery of the private key after observing a
|
||
|
large number of signature operations. This completes a partial fix in
|
||
|
Mbed TLS 2.20.0.
|