Timing Side-Channel Attack on RSA-CRT Implementation in PolarSSL

CVE-2013-5915 · MEDIUM Severity

AV:N/AC:M/Au:N/C:P/I:N/A:N

The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA private keys.
