mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-27 09:04:18 +01:00
10 lines
618 B
Plaintext
10 lines
618 B
Plaintext
|
Security
|
||
|
* Fix a local timing side channel vulnerability in (D)TLS record decryption
|
||
|
when using a CBC ciphersuites without the Encrypt-then-Mac extension. In
|
||
|
those circumstances, a local attacker able to observe the state of the
|
||
|
cache could use well-chosen functions to measure the exact computation
|
||
|
time of the HMAC, and follow up with the usual range of Lucky 13 attacks,
|
||
|
including plaintext recovery and key recovery. Found and reported by Tuba
|
||
|
Yavuz, Farhaan Fowze, Ken (Yihan) Bai, Grant Hernandez, and Kevin Butler
|
||
|
(University of Florida) and Dave Tian (Purdue University).
|