Timing Side-Channel Attack Vulnerability in Botan

Timing Side-Channel Attack Vulnerability in Botan

CVE-2016-2849 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.

Learn more about our Web Application Penetration Testing UK.