mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-11-24 12:01:11 +03:00
See the comments in the code for how an attack would go, and the ChangeLog entry for an impact assessment. (For ECDSA, leaking a few bits of the scalar over several signatures translates to full private key recovery using a lattice attack.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
100 KiB