Insecure RSA-OAEP implementation with all-zero seed for padding in Oberon PSA Crypto

Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated messages, and loss of security proofs.

N/A

未配合OAEP使用RSA算法

Oberon PSA Crypto library 安全漏洞

Oberon PSA Crypto library是瑞士Oberon公司的一款加密库。 Oberon PSA Crypto library 1.5.1及之前版本存在安全漏洞，该漏洞源于使用全零种子代替随机字节，可能导致RSA确定性加密，从而造成机密性丢失。

N/A

N/A