wolfSSL and ROHNP

wolfSSL is one of over a dozen vendors mentioned in the recent Technical Advisory "ROHNP" by author Ryan Keegan. Versions of wolfSSL prior to 3.15.3 were vulnerable to a Key Extraction Side Channel Attack. wolfSSL v3.15.3, which is protected against these attacks and has other improvements, is available for download now on our website.

Only wolfSSL users with long-term ECDSA private keys using our fastmath or normal math libraries, on systems where attackers can get access to the machine using the ECDSA key, need to update. An attacker gaining access to the system could mount a memory cache side channel attack that could recover the key within a few thousand signatures. wolfSSL users that are not using ECDSA private keys, that are using the single precision math library, or that are using ECDSA offloading do not need to update. An update is still recommended, however, as it is typically best to run the most up-to-date software versions.

Please contact support@wolfssl.com with any questions.

Link to advisory: https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/

Link to vulnerability database entry: CVE-2018-12436

Link to download page with most recent version: https://www.wolfssl.com/download/