Description
The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.
References (2)
Core 2
Core References
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13785
Vendor Advisory x_refsource_misc
http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
Scores
EPSS
0.0032
EPSS Percentile
55.1%
Details
Status
published
Products (25)
openssl/openssl
0.9.1c
openssl/openssl
0.9.2b
openssl/openssl
0.9.3
openssl/openssl
0.9.4
openssl/openssl
0.9.5
openssl/openssl
0.9.5a
openssl/openssl
0.9.6
openssl/openssl
0.9.6a
openssl/openssl
0.9.6b
openssl/openssl
0.9.6c
... and 15 more
Published
May 26, 2005
Tracked Since
Feb 18, 2026