Keegan Ryan from NCC Group discovered a vulnerability in the ECC implementation of many crypto libraries that allows an attacker to recover ECDSA or DSA private keys using a side-channel attack. This has been fixed in the upstream trees of the affected crypto libraries.
OP-TEE uses a fork of LibTomCrypt. The fork is based on an older version of LibTomCrypt, so the fix for the ECC vulnerability was missing. After being informed about this, we have backported the fix into the LibTomCrypt fork in OP-TEE.
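The countermeasure the patch below names, blinding in ecc_sign_hash, as an added illustration that is not OP-TEE's or LibTomCrypt's code: a minimal ECDSA over secp256k1 in Python whose ecdsa_s() computes s both without blinding and with a random factor b, so that the modular inversion and the private-key multiplication never operate on the raw nonce or key. The blinding formula is the commonly used one and is assumed here, not copied from the patch; the curve arithmetic is variable-time and for illustration only.

```python
import hashlib, secrets
# secp256k1 domain parameters (standard, public values)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p1, p2):
    """Affine addition on y^2 = x^3 + 7 over F_P; None is the point at infinity."""
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0: return None
    if p1 == p2: lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_mul(k, pt):
    """Plain double-and-add (variable time, illustration only)."""
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def hash_to_int(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def ecdsa_s(d, e, k, r, b=None):
    """s = (e + d*r) / k mod N.  Unblinded, the modular inverse and the multiply by r
    run directly on the secret nonce k and key d.  With a random blinding factor b the
    value is identical, (b*e + (b*d)*r) * inv(k*b), but those variable-time operations
    only ever see randomised operands (assumed, commonly used blinding scheme)."""
    if b is None: return pow(k, -1, N) * (e + d * r) % N
    return pow(k * b % N, -1, N) * (b * e + (d * b % N) * r) % N

def sign(d, msg):
    e = hash_to_int(msg)
    while True:  # fresh nonce k and fresh blinding factor b on every attempt
        k, b = secrets.randbelow(N - 1) + 1, secrets.randbelow(N - 1) + 1
        r = ec_mul(k, G)[0] % N
        s = ecdsa_s(d, e, k, r, b)
        if r and s: return (r, s)

def verify(Q, msg, r, s):
    if not (0 < r < N and 0 < s < N): return False
    w, e = pow(s, -1, N), hash_to_int(msg)
    X = ec_add(ec_mul(e * w % N, G), ec_mul(r * w % N, Q))
    return X is not None and X[0] % N == r
```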
Patches
optee_os.git
- ecc_sign_hash blinding CVE-2018-12437 (8bbd9b3)
Workarounds
N/A
References
For more details about the vulnerability, please refer to the initial disclosure report
OP-TEE ID
OP-TEE-2019-0018
Reported by
Santos Merino del Pozo (for email, see commit message in the patch)
For more information
For more information regarding the security incident process in OP-TEE, please read the "Security" page at https://www.trustedfirmware.org.