View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002960 | 10000-002: Security | Spec | public | 2015-02-11 05:02 | 2015-07-28 15:22 |
| Reporter | Paul Hunkar | Assigned To | Paul Hunkar | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | 1.02 | ||||
| Target Version | 1.03 | Fixed in Version | 1.03 | ||
| Summary | 0002960: PKCS # 1 v1.5 and known attackes discussion required | ||||
| Description | The padding process for the RSA encryption (PKCS # 1 v1.5) in "Basic128Rsa15" should be deprecated according to BSI. In this process are known attacks [JSS12, BA10]. The attacks erquire an oracle exist - i.e. error message variation or timing variation. OPC UA does not provide error message variations, but additional discussion should be included to ensure timing oracle does not exist in implementations. | ||||
| Tags | No tags attached. | ||||
| Commit Version | |||||
| Fix Due Date | |||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2015-02-11 05:02 | Paul Hunkar | New Issue | |
| 2015-02-11 05:02 | Paul Hunkar | Status | new => assigned |
| 2015-02-11 05:02 | Paul Hunkar | Assigned To | => Paul Hunkar |
| 2015-02-11 05:36 | Paul Hunkar | Description Updated | |
| 2015-06-23 02:40 | Paul Hunkar | Note Added: 0006154 | |
| 2015-06-23 02:40 | Paul Hunkar | Status | assigned => resolved |
| 2015-06-23 02:40 | Paul Hunkar | Fixed in Version | => 1.03 |
| 2015-06-23 02:40 | Paul Hunkar | Resolution | open => fixed |
| 2015-07-28 15:22 | Jim Luth | Note Added: 0006278 | |
| 2015-07-28 15:22 | Jim Luth | Status | resolved => closed |
