[Resource Topic] 2015/368: Breaking the Rabin-Williams digital signature system implementation in the Crypto++ library

Welcome to the resource topic for 2015/368

Title:
Breaking the Rabin-Williams digital signature system implementation in the Crypto++ library

Authors: Evgeny Sidorov

Abstract:

This paper describes a bug in the implementation of the Rabin-Williams digital signature in the Crypto++ framework. The bug lies in the misuse of the blinding technique that is intended to prevent timing attacks on the digital signature system implementation, but which eventually results in an opportunity to find the private key given only two different signatures of the same message. The CVE identifier of the issue is CVE-2015-2141.

ePrint: https://eprint.iacr.org/2015/368


Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.