GnuTLS -- timing sidechannel in RSA decryption
The GnuTLS project reports:
A vulnerability was found that the response times to malformed RSA
ciphertexts in ClientKeyExchange differ from response times of
ciphertexts with correct PKCS#1 v1.5 padding. Only TLS ciphertext
processing is affected.
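The usual defence against this class of timing difference is the countermeasure in RFC 5246 section 7.4.7.1: draw a random premaster secret before decrypting, then choose between it and the decrypted value without branching on padding validity. The sketch below is an added example, not code from GnuTLS or from this advisory. The names `ct_is_zero`, `tls_select_premaster` and `demo_case` are hypothetical, and the sample block is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PMS_LEN 48 /* TLS RSA premaster secret length */
/* 0xFF if x == 0, else 0x00, with no data-dependent branch. */
static uint8_t ct_is_zero(uint32_t x)
{
    return (uint8_t)(((x | (0u - x)) >> 31) - 1u);
}

/* em: raw RSA decryption output, em_len = modulus size (public).
 * fallback: 48 random bytes drawn BEFORE decryption. out gets the decrypted
 * premaster if padding and version are valid, else fallback. No return
 * value, so the caller cannot branch on validity. */
void tls_select_premaster(const uint8_t *em, size_t em_len,
                          uint8_t ver_major, uint8_t ver_minor,
                          const uint8_t *fallback, uint8_t *out)
{
    uint32_t bad;
    uint8_t keep;
    size_t i, sep;
    if (em_len < PMS_LEN + 11) {      /* public value: safe to branch on */
        memcpy(out, fallback, PMS_LEN);
        return;
    }
    sep = em_len - PMS_LEN - 1;       /* fixed offset of the 0x00 separator */
    bad = em[0] | (uint32_t)(em[1] ^ 0x02) | em[sep];
    for (i = 2; i < sep; i++)
        bad |= ct_is_zero(em[i]);     /* padding bytes must be nonzero */
    bad |= (uint32_t)(em[sep + 1] ^ ver_major) | (uint32_t)(em[sep + 2] ^ ver_minor);
    keep = ct_is_zero(bad);           /* 0xFF only if every check passed */
    for (i = 0; i < PMS_LEN; i++)
        out[i] = (uint8_t)((em[sep + 1 + i] & keep) | (fallback[i] & ~keep));
}

/* Constructed sample: 64-byte block, TLS 1.2 (3,3) premaster at offset 16.
 * Overwrites em[idx] with val when idx < 64. Returns 1 if out is the
 * decrypted premaster, 0 if it is the fallback. */
int demo_case(size_t idx, uint8_t val)
{
    uint8_t em[64], fb[PMS_LEN], out[PMS_LEN];
    memset(em, 0xAA, sizeof em);
    memset(fb, 0x55, sizeof fb);
    em[0] = 0x00; em[1] = 0x02; em[15] = 0x00; em[16] = 0x03; em[17] = 0x03;
    if (idx < sizeof em) em[idx] = val;
    tls_select_premaster(em, sizeof em, 3, 3, fb, out);
    return memcmp(out, em + 16, PMS_LEN) == 0;
}
```

The handshake then continues with whatever is in `out`, so a malformed ciphertext only surfaces as a Finished verification failure, the same way a wrong key would.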
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright