openssh-unix-dev May 2011 archive

Re: Security of OpenSSL ECDSA signatures

From: Dan Kaminsky <dan_at_nospam>
Date: Mon May 23 2011 - 13:13:03 GMT
To: Damien Miller

> This result concerns binary/GF(2^m) fields only and not the prime fields
> that OpenSSH uses in recent versions.
> Unless a similar timing oracle is found for GF(p) fields then no
> OpenSSH-side workaround is required.
OpenSSL has had timing attacks against most of their production ciphers
(RSA, AES, etc). Has the author of the paper weighed in on whether he
thinks his attack will affect GF(p)?
