Accès libre

Flawed implemented cryptographic algorithm in the Microsoft ecosystem

Stefan Pocarovsky
Stefan Pocarovsky
, 
Martin Koppl
Martin Koppl
 et 
Milos Orgon
Milos Orgon
   | 11 juil. 2022
Journal of Electrical Engineering's Cover Image
À propos de cet article
Article précédent
Article suivant
Citez
Publié en ligne: 11 juil. 2022
Pages: 190 - 196
Reçu: 21 mai 2022
DOI: https://doi.org/10.2478/jee-2022-0025
Mots clés
© 2022 Stefan Pocarovsky et al., published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

[1] R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and Public-Key Cryptosystems”, Communication of the ACM, vol. 21, No. 2, 1978.10.1145/359340.359342 Search in Google Scholar

[2] W. Diffie and M. E. Hellman, “New direction in cryptography”, IEEE Trans. Info. Theory, 1976.10.1109/TIT.1976.1055638 Search in Google Scholar

[3] E. Gilbert, F. MacWilliams, and N. Sloane, “Codes, which detect deception”, The Bell System technical Journal, vol. 53, no. 3, pp. 405-424, 1974.10.1002/j.1538-7305.1974.tb02751.x Search in Google Scholar

[4] J. Jonsson and B. Kalisky, “Public-Key Cryptography Standards (PKCS), Fremont”, Internet Engineering Task Force, Internet Engineering Task Force. Search in Google Scholar

[5] Understanding PKI: Concepts, Standards, and Deployment Considerations, Addison-Wesley Professional; 2nd edition (November 6), 2002. Search in Google Scholar

[6] L. C. Washington, Elliptic Curves Number Theory and Cryptography, Boca Raton: CRC Press, 2000. Search in Google Scholar

[7] V. G. Martinez, L. H. Encinas, and C. S. Avila, “A Survey of the Elliptic Curve Integrated Encryption Scheme”, Journal of computer science and engineering, vol 2, ISSUE 2, 2010. Search in Google Scholar

[8] M. Dubyk and R. R. Varuni, Examining CVE-2020-0601 Crypt 32.dll Elliptic Curve Cryptography (ECC) Certificate Validation Vulnerability, The SANS institute, 01.03. 2022. Search in Google Scholar

[9] G. FailOverFlow, “Console Hacking - PS3 Epic fails”, 2010. Search in Google Scholar

[10] K. Burda, Aplikovan kryptografie, Brno, VUTIUM, (in Czech), 2013. Search in Google Scholar

[11] SEC1: Elliptic Curve Cryptography, Mnonoauga: Certicom Research, 2000. Search in Google Scholar

[12] NSA, Patch Critical Cryptographic Vulnerability in Microsoft Windows Clients and Servers, 14. January, 2020. Search in Google Scholar

[13] J. Simpson, A technical analysis of CurveBall, (CVE–0601), February, 2020. Search in Google Scholar

[14] O. Lyak, POC for CVE–0601 Windows CryptoAPI, (Crypt32. dll), https://github.com/ly4k/CurveBall, January, 2020. Search in Google Scholar

eISSN:
1339-309X
Langue:
Anglais
Périodicité:
6 fois par an
Sujets de la revue:
Engineering, Introductions and Overviews, other
RSS Feed de la revue