VE 11: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 15: Line 15:
mitigate the attack(s).</FONT></FONT></FONT></P>
mitigate the attack(s).</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B>Not
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>The NSS software cryptographic module is designed to mitigate timing attacks against RSA and cache attacks against the modular exponentiation operation used in RSA. The NSS software cryptographic module implements RSA blinding to mitigate timing attacks against RSA.  It implements a "weaving" method to mitigate cache attacks against the modular exponentiation operation used in RSA and DSA.</FONT></FONT></FONT></P>
Applicable</B></FONT></FONT></FONT></P>


==VE.11.01.02==
==VE.11.01.02==

Revision as of 18:59, 12 April 2006

SECTION 11: MITIGATION OF OTHER ATTACKS

AS.11.01 If the cryptographic module is designed to mitigate one or more specific attacks, then the module's security policy shall specify the security mechanisms employed by the module to mitigate the attack(s).

Assessment:

Not Applicable

VE.11.01.01

VE.11.01.01 The vendor provided nonproprietary security policy shall specify whether the cryptographic module is designed to mitigate specific attacks. The vendor shall specify in the nonproprietary security policy the security mechanism(s) implemented by the cryptographic module to mitigate the attack(s).

Assessment:

The NSS software cryptographic module is designed to mitigate timing attacks against RSA and cache attacks against the modular exponentiation operation used in RSA. The NSS software cryptographic module implements RSA blinding to mitigate timing attacks against RSA. It implements a "weaving" method to mitigate cache attacks against the modular exponentiation operation used in RSA and DSA.

VE.11.01.02

VE.11.01.02 The vendor provided nonproprietary security policy shall indicate how the implemented mechanism(s) were shown to mitigate the attack(s).

Assessment:

Not Applicable

Retrieved from "https://wiki.mozilla.org/index.php?title=VE_11&oldid=23869"