Thanks.
I did some more analysis and now I understand it completely.
ECC curve equation:
y^2 = x^3 + ax + b (mod p), where p is prime
Elliptic Curve parameters are:
p, a, b, G, n, h
G = Generator Point used to generate other points
Private Key = Random Number
Public Key = Point on Curve = (Genera
On Sat, Mar 26, 2022 at 12:32:03PM +0530, Vipul Mehta wrote:
> If we consider ECDHE_ECDSA cipher based TLS handshake, then it is possible
> that the client can send invalid public session key to the server causing
> the vulnerability. Is this assumption correct ?
The CVE only affects situations i
