International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 23 April 2015

Evgeny Sidorov
ePrint Report ePrint Report
This paper describes a bug in the implementation of the Rabin-Williams digital signature in the \\texttt{Crypto++} framework. The bug is in the misuse of blinding technique that is aimed at preventing timing attacks on the digital signature system implementation, but eventually results in an opportunity to find the private key having only two different signatures of the same message. The CVE identifier of the issue is \\texttt{CVE-2015-2141}.

Expand

Additional news items may be found on the IACR news page.