Flawed implemented cryptographic algorithm in the Microsoft ecosystem
Online veröffentlicht: 11. Juli 2022
Seitenbereich: 190 - 196
Eingereicht: 21. Mai 2022
DOI: https://doi.org/10.2478/jee-2022-0025
Schlüsselwörter
© 2022 Stefan Pocarovsky et al., published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
With the continuous development in the electronic chip field, the requirements for the security of IT infrastructures are also increasing. The need for ever-increasing key lengths in cryptography to maintain security cannot grow indefinitely. One of the solutions in the field of cryptography for using shorter keys while maintaining security is cryptography based on the principle of elliptic curves. Asymmetric elliptic curve cryptosystems lies in solving the discrete logarithm problem on an elliptic curve. However, not only secure algorithm but also its correct implementation is important. In this paper, we discuss an incorrect implementation of the ECC algorithm in the crypt32.dll library (Microsoft Windows) and the possibilities of its misuse.