VE 11: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 17: Line 17:


<FONT COLOR="#000080"><I><B>Assessment:</B></I></FONT>
<FONT COLOR="#000080"><I><B>Assessment:</B></I></FONT>
The NSS software cryptographic module is designed to mitigate the following attacks:
*timing attacks against RSA;
*cache attacks against the modular exponentiation operation used in RSA and DSA.
The NSS software cryptographic module implements the following security mechanisms to mitigate those attacks:
*RSA blinding to mitigate timing attacks against RSA;
*cache invariant modular exponentiation to mitigate cache attacks against the modular exponentiation operation used in RSA and DSA.


</FONT></FONT></FONT>
</FONT></FONT></FONT>

Revision as of 22:59, 12 April 2006

SECTION 11: MITIGATION OF OTHER ATTACKS

AS.11.01 If the cryptographic module is designed to mitigate one or more specific attacks, then the module's security policy shall specify the security mechanisms employed by the module to mitigate the attack(s).

Assessment:

VE.11.01.01

VE.11.01.01 The vendor provided nonproprietary security policy shall specify whether the cryptographic module is designed to mitigate specific attacks. The vendor shall specify in the nonproprietary security policy the security mechanism(s) implemented by the cryptographic module to mitigate the attack(s).

Assessment:

VE.11.01.02

VE.11.01.02 The vendor provided nonproprietary security policy shall indicate how the implemented mechanism(s) were shown to mitigate the attack(s).

Assessment:

Not Applicable

Retrieved from "https://wiki.mozilla.org/index.php?title=VE_11&oldid=23916"