IACR News item: 23 April 2015
Evgeny Sidorov
ePrint Report
This paper describes a bug in the implementation of the Rabin-Williams digital signature in the \\texttt{Crypto++} framework. The bug is in the misuse of blinding technique that is aimed at preventing timing attacks on the digital signature system implementation, but eventually results in an opportunity to find the private key having only two different signatures of the same message. The CVE identifier of the issue is \\texttt{CVE-2015-2141}.
Additional news items may be found on the IACR news page.