LibTomCrypt allows attacker to create arbitrary signature
| libtomcrypt-signature-security-bypass (20455) |  High Risk |
Description:
LibTomCryptcould allow a remote attacker to sign aribtrary messages without the use of a private key. This is caused by a vulnerability in the signature scheme within the Elliptic Curve Cryptosystem (ECC) routines. A remote attacker could select a random value for a and then compute (a^1)C to bypass security restrictions and create a valid random signature which would allow the attacker to sign arbitrary messages without the use of a private key.
Consequences:
Bypass Security
Remedy:
Upgrade to the latest version of LibTomCrypt (1.03 or later), when it becomes available from the LibTomCrypt Download Web page. See References.
References:
- BugTraq Mailing List, Mon May 02 2005 - 19:56:17 CDT : Secure Science Corporation Advisory CSA-056.
- FreeBSD Security Advisory FreeBSD-SA-05:07.ldt: Local kernel memory disclosure in i386_get_ldt.
- BID-13473: LibTomCrypt El Gamal Implementation Flaw Valid Signature Generation Vulnerability
- CVE-2005-1600: A mathematical flaw in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key.
- SA15233: LibTomCrypt ECC Signature Scheme Vulnerability
Platforms Affected:
- Lb Tom LibTomCrypt 1.02
Reported:
May 02, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net