FYI: Flush+Reload attack on OpenSSL's ECDSA

mancha mancha1 at
Sun Mar 2 08:26:59 EST 2014

Here's a recently-published paper that describes a flush & reload
attack on OpenSSL's ECDSA implementation:

According to the authors, snooping a single signing round is
sufficient to recover the secret key.


More information about the openssh-unix-dev mailing list