International Association for Cryptologic Research

CryptoDB

Open Source Is Not Enough. Attacking the EC-package of Bouncycastle version 1.x_132

Authors:
Daniel Mall
Qing Zhong
Download:
URL: http://eprint.iacr.org/2008/113
Abstract: BouncyCastle is an open-source crypto provider written in Java that supplies classes for elliptic curve cryptography (ECC). We have found a flaw in the class ECPoint resulting from an unhappy interaction of elementary algorithms. We show how to exploit this flaw in a real-world attack, e.g., on the encryption scheme ECIES. BouncyCastle has since fixed this flaw (version 1.x_133 and higher), but all older versions remain highly vulnerable to an active attacker, and the attack shows a certain vulnerability of the involved validation algorithms.
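The abstract names the target (ECIES), the attacker model (active) and the weak link (the validation applied to received points) without describing the flaw itself. The Python below is an added illustration, not code from the paper or from BouncyCastle and not the specific ECPoint flaw the paper reports: on a constructed toy curve it implements the full public-key validation an ECIES recipient should run on the sender's ephemeral key, a recipient whose MAC check can be switched between validating and non-validating, and the classic invalid-curve attack that an active attacker mounts against the non-validating one. The curve parameters, the private key D and the ciphertext are all constructed for the example; the point is that the addition formulas never use the curve constant b, so a point on some other curve y^2 = x^3 + A*x + b' is multiplied by D without complaint and the accept/reject answer of the MAC check leaks D modulo that point's order.

```python
import hashlib
import hmac

# Constructed toy curve E: y^2 = x^3 + A*x + B over F_P (nonsingular; P small so orders can be brute-forced).
P, A, B = 101, 2, 3
INF = None  # the point at infinity

def add(p1, p2):
    """Affine addition. B never appears: the same formulas 'work' on every curve y^2 = x^3 + A*x + b'."""
    if p1 is INF or p2 is INF:
        return p2 if p1 is INF else p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF  # p1 == -p2 (also covers doubling a point with y == 0)
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):  # double-and-add scalar multiplication k*pt
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def order(pt):  # order of pt by repeated addition (fine on a toy curve)
    n, cur = 1, pt
    while cur is not INF:
        cur, n = add(cur, pt), n + 1
    return n

def points_on(b):  # all affine points of y^2 = x^3 + A*x + b over F_P
    return [(x, y) for x in range(P) for y in range(P)
            if (y * y - x ** 3 - A * x - b) % P == 0]

def prime_factors(m):
    out, f = set(), 2
    while f * f <= m:
        while m % f == 0:
            out.add(f)
            m //= f
        f += 1
    return out | ({m} if m > 1 else set())

def crt(r1, m1, r2, m2):  # x = r1 (mod m1), x = r2 (mod m2), coprime moduli
    t = (r2 - r1) * pow(m1, -1, m2) % m2
    return (r1 + m1 * t) % (m1 * m2), m1 * m2

CURVE_PTS = points_on(B)
G = max(CURVE_PTS, key=order)  # base point of maximal order
N = order(G)                   # order of the subgroup generated by G
D = (3 * N) // 4               # constructed recipient private key, 1 <= D < N
CIPHERTEXT = b"constructed ciphertext"  # contents irrelevant; only the MAC check matters

def validate_public_key(pt):
    """Full public-key validation a recipient must run on the sender's ephemeral key."""
    if pt is INF:
        return False
    x, y = pt
    if not (0 <= x < P and 0 <= y < P) or (y * y - x ** 3 - A * x - B) % P:
        return False              # out of range or not on E: rejects invalid-curve points
    return mul(N, pt) is INF      # subgroup membership (matters when the cofactor is > 1)

def tag_for(S):
    """MAC of the ciphertext under a key derived from the shared point S."""
    key = hashlib.sha256(b"infinity" if S is INF else bytes(S)).digest()
    return hmac.new(key, CIPHERTEXT, hashlib.sha256).digest()

def recipient_accepts(Q, tag, validate):
    """ECIES-style recipient: derive D*Q and check the MAC. validate=False skips key validation."""
    if validate and not validate_public_key(Q):
        return False
    return hmac.compare_digest(tag_for(mul(D, Q)), tag)

def invalid_curve_attack(oracle):
    """Recover D from accept/reject answers: a point of prime order q on a curve
    y^2 = x^3 + A*x + b' (b' != B) leaks D mod q; residues are combined by CRT."""
    residue, modulus = 0, 1
    for b_prime in range(P):
        if b_prime == B or (4 * A ** 3 + 27 * b_prime ** 2) % P == 0:
            continue              # skip the real curve and singular curves
        pt = points_on(b_prime)[0]
        m = order(pt)
        for q in prime_factors(m):
            if modulus % q == 0:
                continue          # D mod q already known
            Q = mul(m // q, pt)   # point of prime order q on the invalid curve
            k = next((k for k in range(q) if oracle(Q, tag_for(mul(k, Q)))), None)
            if k is None:
                return None       # a validating recipient refuses Q: nothing leaks
            residue, modulus = crt(residue, modulus, k, q)
            if modulus > N:
                return residue    # D < N < modulus, so residue == D
```

Running `invalid_curve_attack(lambda Q, tag: recipient_accepts(Q, tag, validate=False))` returns the private key D; the same call with `validate=True` returns None because the on-curve check in `validate_public_key` refuses the first malicious point. On a real curve the attacker cannot enumerate b' values with point counting as done here, but only needs a handful of invalid curves whose orders have small prime factors, which is why the check has to happen before the private key touches the received point, not after.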
BibTeX
@misc{eprint-2008-17790,
  title={Open Source Is Not Enough.  Attacking the EC-package of Bouncycastle version 1.x_132},
  booktitle={IACR Eprint archive},
  keywords={implementation / elliptic curve cryptography},
  url={http://eprint.iacr.org/2008/113},
  note={ daniel.mall@fhnw.ch 13951 received 13 Mar 2008},
  author={Daniel Mall and Qing Zhong},
  year=2008
}