CVE-2019-15809

MEDIUM

Atmel Toolbox 00.03.11.05 - Timing Side-Channel in ECDSA Signature Generation

Title source: llm
STIX 2.1

Description

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001.

References (6)

Core 6
Core References
Technical Description, Third Party Advisory x_refsource_misc
https://eprint.iacr.org/2011/232.pdf
Technical Description, Third Party Advisory x_refsource_misc
https://tches.iacr.org/index.php/TCHES/article/view/7337
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2019/10/02/2
Exploit, Third Party Advisory x_refsource_misc
https://minerva.crocs.fi.muni.cz/

Scores

CVSS v3 4.7
EPSS 0.0047
EPSS Percentile 37.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-203
Status published
Products (8)
athena-scs/idprotect 010b.0352.0005
athena-scs/idprotect 010e.1245.0002
athena-scs/idprotect 0106.0130.0401
cryptsoft/s\/a_idflex_v 010b.0352.0005
microchip/atmel_toolbox 00.03.11.05
tecsec/armored_card 010e.0264.0001
tecsec/armored_card 108.0264.0001
thalesgroup/etoken_4300 010e.1245.0002
Published Oct 03, 2019
Tracked Since Feb 18, 2026