AW: Arithmetic error in SunEC


AW: Arithmetic error in SunEC

Tobias Wagner
Hi,

yes, from what we know your understanding is correct. The NIST curve secp384r1 is using these functions but seems not to be affected because of its prime. Any other curve will probably be affected.

Regards
Tobias
 
-----Original Message-----

> From: Adam Petcher <[hidden email]>
> Sent: Tue 17 October 2017 22:26
> To: [hidden email]
> Subject: Re: Arithmetic error in SunEC
>
> On 10/17/2017 4:55 AM, Tobias Wagner wrote:
>
> > Hi,
> >
> > we found an error in the GF(p)-arithmetics of SunEC, while adding
> > support for brainpool-curves in ECDHE for TLS connections as
> > suggested in RFC 7027.
> <snip>
>
> Thanks! I created JDK-8189594[1] to track this issue. My understanding
> is that this error doesn't cause any bugs in the existing JDK code, but
> it may cause bugs if we add new curves that use this optimization. If I
> am wrong about this, please let me know.
>
> [1] https://bugs.openjdk.java.net/browse/JDK-8189594
>
> >
> > Regards
> > Tobias
> >
>
>

Re: AW: Arithmetic error in SunEC

Michael StJohns
On 10/18/2017 5:58 AM, Tobias Wagner wrote:
> Hi,
>
> yes, from what we know your understanding is correct. The NIST curve secp384r1 is using these functions but seems not to be affected because of its prime. Any other curve will probably be affected.
>
> Regards
> Tobias
>  

Stupid question. Given that this came over from NSS and that NSS
had reported the error, has anyone checked the rest of the NSS-reported
errors/fixes for EC for porting to the JDK?

Mike

> -----Original Message-----
>> From: Adam Petcher <[hidden email]>
>> Sent: Tue 17 October 2017 22:26
>> To: [hidden email]
>> Subject: Re: Arithmetic error in SunEC
>>
>> On 10/17/2017 4:55 AM, Tobias Wagner wrote:
>>
>>> Hi,
>>>
>>> we found an error in the GF(p)-arithmetics of SunEC, while adding
>>> support for brainpool-curves in ECDHE for TLS connections as
>>> suggested in RFC 7027.
>> <snip>
>>
>> Thanks! I created JDK-8189594[1] to track this issue. My understanding
>> is that this error doesn't cause any bugs in the existing JDK code, but
>> it may cause bugs if we add new curves that use this optimization. If I
>> am wrong about this, please let me know.
>>
>> [1] https://bugs.openjdk.java.net/browse/JDK-8189594
>>
>>> Regards
>>> Tobias
>>>
>>