author J08nY 2018-10-15 17:48:23 +0200
committer J08nY 2018-10-15 17:49:54 +0200
commit ea4e807906815c16c62c4e5719950c7274d1ebab
tree fa3f8dfd255b8a24d15dd1734fe327df56b8ac2c /docs
parent 1e64b70031f8a87ff3120632daed1cc7b9ac41ba
Diffstat (limited to 'docs')
-rw-r--r-- docs/TESTS.md 3
1 files changed, 2 insertions, 1 deletions
diff --git a/docs/TESTS.md b/docs/TESTS.md
index 2d535f8..c639722 100644
--- a/docs/TESTS.md
+++ b/docs/TESTS.md
@@ -144,7 +144,8 @@ of two large primes, sets the generator with order of one prime and tries points
## Edge-Cases
Tests various inputs to ECDH which may cause an implementation to achieve a certain edge-case state during ECDH.
-Some of the data is from the google/Wycheproof project. Tests include [CVE-2017-10176](https://nvd.nist.gov/vuln/detail/CVE-2017-10176) and [CVE-2017-8932](https://nvd.nist.gov/vuln/detail/CVE-2017-8932).
+Some of the data is from the google/Wycheproof project. Tests include [CVE-2017-10176](https://nvd.nist.gov/vuln/detail/CVE-2017-10176) and [CVE-2017-8932](https://nvd.nist.gov/vuln/detail/CVE-2017-8932) and an OpenSSL modular reduction bug
+presented in [Practical realisation and elimination of an ECC-related software bug attack](https://eprint.iacr.org/2011/633).
Various custom edge private key values are also tested.
CVE-2017-10176 was in implementation issue in the SunEC Java library (and NSS ([CVE-2017-7781](https://nvd.nist.gov/vuln/detail/CVE-2017-7781)), thus also anything that used it) that caused the implementation to reach the point at infinity during ECDH computation.
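Review bot: The added sentence in the two `+` lines now chains its items as "CVE-2017-10176 ... and CVE-2017-8932 ... and an OpenSSL modular reduction bug", and the line break falls mid-sentence before "presented in". A comma-separated list ("CVE-2017-10176, CVE-2017-8932, and an OpenSSL modular reduction bug presented in ...") kept on one logical line would read cleanly and avoid any dependence on how the Markdown renderer joins the two lines. The new entry is also the only one of the three without its own identifier link, and the trailing context only goes on to explain CVE-2017-10176; a short sentence after it saying which edge-case state the OpenSSL modular reduction test targets would keep the section consistent. While touching this paragraph, the context line "CVE-2017-10176 was in implementation issue" looks like a typo for "was an implementation issue".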