We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Squeezing a key through a carry bit

Not available online.
If you are interested in this material, please contact knm@tib.eu.
0
 Cite
 Share
 Related Material
 Purchase
Logo of Chaos Computer Club e.V.Chaos Computer Club e.V.
 Valsorda, Filippo

Formal Metadata

Title
Squeezing a key through a carry bit
Subtitle
No bug is small enough
Title of Series
Number of Parts
167
Author
License
CC Attribution 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Abstract
The Go implementation of the P-256 elliptic curve had a small bug due to a misplaced carry bit affecting less than 0.00000003% of field subtraction operations. We show how to build a full practical key recovery attack on top of it, capable of targeting JSON Web Encryption.
Keywords