Secure Science Corporation Advisory CSA-056
From: SSC Advisory Notice <bugtraq () securescience net>
Date: Mon, 02 May 2005 17:56:17 -0700

Secure Science Corporation Advisory CSA-056
e-response () securescience net


LibTomCrypt versions <=1.02 contained a weak signature scheme used with ECC keys, allowing trivial signature forgeries.


Vulnerability Classification: Cryptography - arbitrary message signing

Discovery Date: May 1, 2005
Vendor Reported Advisory
Discovery Published: May 2, 2005

LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines. A vulnerability was found by the author within the signature scheme used with the Elliptic Curve Cryptosystem routines that will allow arbitrary signatures to be created by an attacker.

During a recent cryptographic review by the author, a mathematical flaw was found in the implementation of the El Gamal signature algorithm used in LibTomCrypt versions <=1.02. An attacker can create a valid random signature by selecting a random value for a and then computing (a^-1)C (where the inverse is taken modulo the order of the curve), essentially allowing an attacker to sign arbitrary messages without the private key.

Affected Vendors:
All vendors using LTC <=1.02 that apply ECC with signatures.

Vendor and Patch Information:
Secure Science Corporation is distributing this advisory on behalf of the author. The author has stated that LibTomCrypt 1.03 will be released May 7, 2005 with X9.62 ECDSA implemented, a FIPS 180-2 standard.

X9.62 ECDSA implementation.
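The X9.62 ECDSA scheme that 1.03 adopts, as an added example (not LibTomCrypt's code), implemented over a textbook toy curve so every step is readable; the curve parameters (y^2 = x^3 + 2x + 2 over GF(17), generator G = (5, 1) of order 19) and the names sign_hash/verify_hash are assumptions of this example. It shows why the replacement resists the forgery described above: verification ties r, s, the message hash and the public key together, so a signature moved to another message, or an (r, s) pair not produced with the private key, is rejected.

```python
import hashlib
import secrets

# Toy curve (assumed textbook parameters): y^2 = x^3 + 2x + 2 over GF(17),
# generator G = (5, 1) of prime order N = 19. O (None) is the point at infinity.
P, A, B, G, N, O = 17, 2, 2, (5, 1), 19, None

def _add(p1, p2):  # affine point addition
    if p1 is O or p2 is O:
        return p2 if p1 is O else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return O  # p2 == -p1
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def _mul(k, pt):  # double-and-add scalar multiplication
    acc = O
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt, k = _add(pt, pt), k >> 1
    return acc

def hash_to_int(msg):  # z = H(m) reduced into the scalar field
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign_hash(d, z, k=None):
    """r = x(kG) mod N, s = k^-1 (z + r d) mod N. k must be fresh and secret;
    a caller-supplied k is accepted only to make the example reproducible."""
    while True:
        kk = k if k is not None else secrets.randbelow(N - 1) + 1
        r = _mul(kk, G)[0] % N
        s = pow(kk, -1, N) * (z + r * d) % N
        if r and s:
            return (r, s)
        k = None  # degenerate r or s: retry with a fresh nonce
def verify_hash(Q, z, sig):
    """Accept only if x(u1 G + u2 Q) == r with u1 = z/s, u2 = r/s: r, s, the
    hash z and the public key Q must all agree, so a pair built without d fails."""
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    R = _add(_mul(z * w % N, G), _mul(r * w % N, Q))
    return R is not O and R[0] % N == r
```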

Secure Science Corporation - Tom St Denis

Secure Science Corporation is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of Secure Science Corporation products.
