Comments (5)

kmackay commented on July 26, 2024

It's not really necessary anymore because the functions that accept public keys work with any possible input (and the choice of public key does not leak timing information).

I can add it into master if you need it.

jnysen commented on July 26, 2024

It's good to know that uECC has addressed potential side channel timing attacks from an attacker with a carefully malformed public key.

Verifying the public key with an extremely low overhead function like ecc_valid_public_key() helps avoid attacks where an attacker can cause a remote system to expend significant processing cycles in an ECDH key exchange by sending garbage data without having to expend any effort generating keys on the correct curve. (This is still a problem when using compressed keys, as the decompress function requires a lot of processing power and will always be followed by another ECC operation that is also CPU-intensive. And the single axis will be expanded to a valid point that always validates, so no help in that regard, except to use full size keys.)

It's also useful to validate the signature and underlying public key in a signed key cert prior to checking the cert signature to minimise processing when the public key is invalid and not on the curve (due to either general errors, malformed certs or an intentional simplistic attack).

And of course it helps in debugging with a more specific error.

I've ported it across from the 'old' branch, but it would still be useful to have it in 'master'.

kmackay commented on July 26, 2024

I added uECC_valid_public_key() to master. Note that just checking for a valid public key is not a full defense against denial-of-service attacks, since an attacker could generate a single valid public key and use it repeatedly.
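The trade-off discussed in the comments above, as an added example that is not micro-ecc's code or its uECC_valid_public_key() implementation: a plain-integer on-curve check for secp256r1 that rejects random 64-byte blobs for the cost of a few multiplications, while roughly half of random compressed blobs still yield a point that passes. The 64-byte X||Y and 33-byte compressed layouts, the function names, and the rejection of x values with no square root are assumptions of this sketch.

```python
import random

# Standard NIST P-256 (secp256r1) parameters.
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5

def rhs(x):
    """Right-hand side of y^2 = x^3 + ax + b (mod p)."""
    return (x * x * x + A * x + B) % P

def valid_public_key(raw):
    """Cheap check on a 64-byte X||Y key: length, range, curve equation."""
    if len(raw) != 64:
        return False
    x = int.from_bytes(raw[:32], "big")
    y = int.from_bytes(raw[32:], "big")
    if x >= P or y >= P:
        return False
    return (y * y) % P == rhs(x)  # also rejects (0, 0), since b != 0

def decompress(raw):
    """33-byte compressed key -> 64-byte key, or None if x has no matching y."""
    if len(raw) != 33 or raw[0] not in (2, 3):
        return None
    x = int.from_bytes(raw[1:], "big")
    if x >= P:
        return None
    y = pow(rhs(x), (P + 1) // 4, P)  # the costly step: square root, p % 4 == 3
    if (y * y) % P != rhs(x):
        return None
    if (y & 1) != (raw[0] & 1):
        y = P - y
    return x.to_bytes(32, "big") + y.to_bytes(32, "big")

def filter_rate(n=200, seed=1):
    """Constructed garbage input: how many random blobs survive each path."""
    rng = random.Random(seed)
    full = sum(valid_public_key(rng.getrandbits(512).to_bytes(64, "big"))
               for _ in range(n))
    comp = 0
    for _ in range(n):
        blob = bytes([2 + rng.getrandbits(1)]) + rng.getrandbits(256).to_bytes(32, "big")
        key = decompress(blob)
        comp += key is not None and valid_public_key(key)
    return full, comp  # full-size survivors, compressed survivors
```

A key that passes once passes on every replay, so this check filters noise and malformed input only; it does not rate-limit a sender holding one valid key.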

jnysen commented on July 26, 2024

Thanks. Works perfectly.

This is great for running regression tests and for sanity checking during debugging. And you're right, it doesn't help in targeted denial of service attacks, but is handy in the generic sense where a broken transmitter (or an attacker) is just sending lots of random data. We already detect single element replay to detect problems with broken repeaters. But a targeted attack will still be able to cause an ECDHE + ECDSA procedure before the attacker is rejected.

BTW, do you have a contact email address or website? If so please email me directly.

kmackay commented on July 26, 2024

I don't have your contact info to email you directly :-)

You can contact me at [email protected].
