This whitepaper demonstrates that a passive network attacker can opportunistically obtain private RSA host keys from an SSH server that experiences a naturally arising fault during signature computation. In prior work, this was not believed to be possible for the SSH protocol because the signature included information like the shared Diffie-Hellman secret that would not be available to a passive network observer. The paper shows that for the signature parameters commonly in use for SSH, there is an efficient lattice attack to recover the private key in case of a signature fault. The authors provide a security analysis of the SSH, IKEv1, and IKEv2 protocols in this scenario, and use their attack to discover hundreds of compromised keys in the wild from several independently vulnerable implementations.
481aab67e2963f899f4d0981c2be3f03e3ff14965119cb78e929b36c27b58597
Debian Linux Security Advisory 5539-1 - It was reported that incorrect bound checks in the dsaVerify function in node-browserify-sign, a Node.js library which adds crypto signing for browsers, allows an attacker to perform signature forgery attacks by constructing signatures that can be successfully verified by any public key.
bd4d2f5bb4a56492acf5a0f3f5a7176edb7f3f2a9e00ffd9fa12ec5357176f21
Ubuntu Security Notice 6400-1 - It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information.
78f05f302971fdd61c41b154c5089eddceaa4838a9b6ffba2b409c27fe5f9ad4
Crypto Currency Tracker (CCT) versions 9.5 and below suffer from a flaw that allows an administrative account to be added without authentication.
9bfa02f5d59b5e3cf33ee7b1bbfbf8405639a69db395f6a7dbbbe7f5809ce517
The expressiveness of Turing-complete blockchains implies that verifying a transaction's validity requires executing it on the current blockchain state. Transaction fees are designed to compensate actors for resources expended on transactions, but can only be charged from transactions included in blocks. In this work, the authors show that adversaries can craft malicious transactions that decouple the work imposed on blockchain actors from the compensation offered in return by introducing three attacks.
68b4adbac9a02de43d43f0c0b285dc603d363d3be1f6185ba4fe1c00129c1969
This paper describes a vulnerability in several implementations of the Secure Hash Algorithm 3 (SHA-3) that have been released by its designers. The vulnerability has been present since the final-round update of Keccak was submitted to the National Institute of Standards and Technology (NIST) SHA-3 hash function competition in January 2011, and is present in the eXtended Keccak Code Package (XKCP) of the Keccak team. It affects all software projects that have integrated this code, such as the scripting languages Python and PHP Hypertext Preprocessor (PHP). The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (without any restrictions on values to be XORed and even far beyond the location of the original buffer), thereby making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective.
e5ce94c802fc96b96a37593074295283819a7abf859a04a1c1cbfcdb566dcdb1
CRYSTALS-Kyber has been selected by the NIST as a public-key encryption and key encapsulation mechanism to be standardized. It is also included in the NSA's suite of cryptographic algorithms recommended for national security systems. This makes it important to evaluate the resistance of CRYSTALS-Kyber’s implementations to side-channel attacks. The unprotected and first-order masked software implementations have been already analysed. In this paper, they present deep learning-based message recovery attacks on the ω-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU for ω ≤ 5. The main contribution is a new neural network training method called recursive learning. In the attack on an ω-order masked implementation, they start training from an artificially constructed neural network M ω whose weights are partly copied from a model M ω−1 trained on the (ω − 1)-order masked implementation, and then extended to one more share. Such a method allows them to train neural networks that can recover a message bit with the probability above 99% from high-order masked implementations.
bb8f1a666a9bb3b7ef38e7e61e8980c7e3efb86a13dead4ae283a439aa94aded
Red Hat Security Advisory 2022-7384-01 - The ubi9/openssl image provides provides an openssl command-line tool for using the various functions of the OpenSSL crypto library. Issues addressed include a buffer overflow vulnerability.
2d06e9dfb51b5c9d873e5550a4253a970790f764b91c9681acc1009726636955
Red Hat Security Advisory 2022-6854-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space. Issues addressed include a double free vulnerability.
dff461130a763c1fd068e986dd002fa1af64116943515003ec50ff603edd70a2
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
b25e1077bcf34908cc8f18c1a69a2ec98b047b2cbcf0f51144dcf3ba1e0b7b2a
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
96697e9ef6a795d45863c91d61be85a9f138596e3151e7c2cd63ccf48aaa8783
Red Hat Security Advisory 2021-4582-02 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring. Security fixes: golang: crypto/tls: certificate of wrong type is causing TLS client to panic.
f28cc76ddb412145654050664da26602d7c4d62da2e36475367e140177eb756a
Red Hat Security Advisory 2021-4451-03 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space. Issues addressed include a use-after-free vulnerability.
d6a613e034ba768ea74172f7f2974826a7f6e4c5dbcf90bbb89e1d4814ee6509
Red Hat Security Advisory 2021-2760-01 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
e42ce41d08e975a1430a27c51239e1c6b441bfc1ee6419a8f1260663774b670b
Red Hat Security Advisory 2021-2758-01 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
f366a4741628270515ea9df33e6f46069b4595fc20f17cc3b7778a467f9fa2f9
Petalus is a crypto wallet microservice in python that allows users to store any type of information on a virtual wallet. The main functionalities of Petalus are blockchain support on the storage data, multiple hashes for the blockchain (sha256, blake2s and sha3-256), multiple process execution, support for read/write triggers on the wallets, and authorization of write blocks with public/private key.
535dcde4cc02e3aaed94a32fcddbf9482acb15845d4e4689e59fc8aee26cd414
Red Hat Security Advisory 2021-2356-01 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
f0b868aecc984ffac536b2f7445dec720e102809e48c65ea1b5287ba47f543d5
Red Hat Security Advisory 2021-2280-01 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
25a368fa3e5e2ba5618296e78e07cf7dddc9a96c8c3b675919627a7ed133283b
Red Hat Security Advisory 2021-1246-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
a6ed120c427bdf965416633946bf2c8c87af6e47ae6eeb335fa638330e7de30b
Red Hat Security Advisory 2021-1245-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
03ae9d4d6c692462185f91ccac59efd11a557f501eca9ed834b624631545538d
Red Hat Security Advisory 2021-1206-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
cfc2ddbf194ca98e9bd00034d5a3de9b781c3c4eaf8683beb24a941d9f66d122
Red Hat Security Advisory 2021-1145-01 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.
c64e53f209824c0541aa87a7b3d247fd85ddd3bfb744137d79b41874b72f64e3
Ubuntu Security Notice 4550-1 - Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host.
d8af98378677f0c95696fed25979abbe5c17bc959e6fb291f1db9dd93bd3a233
Ubuntu Security Notice 3901-1 - Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. It was discovered that the crypto subsystem of the Linux kernel leaked uninitialized memory to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
2733d1718525888590b59662b23b1cc1de9b8d11aba8290d25b543ffd636e966
Whitepaper called Android Security Research: Crypto Wallet Local Storage Attack.
d4ec44d04cda2c87a67db49c174fec961eb574fcddcdec97e38b0cdd8f2c2a23