Severity: high

Timing Attack



Versions of jsrsasign are vulnerable to Timing Attacks. The signHex function uses a timing-unsafe method for ECDSA key generation and signing. This leaks the length of the scalar, which attackers may use to brute-force the private key. Timing attacks can be used to increase the efficiency of brute-force attacks by removing the exponential increase in entropy gained from longer secrets. This issue only affects the ECDSA functions.
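The scalar-length leak described above can be made visible by counting group operations. This is an added example, not jsrsasign's code or its fix: the additive group modulo a constructed 256-bit `N` stands in for curve points, and `naiveMul`, `ladderMul`, `ORDER_BITS` and the sample scalars are names assumed here.

```javascript
// Added illustration, not jsrsasign code. The additive group Z_N stands in for
// elliptic-curve points so that k*G can be checked directly; N is constructed.
const N = (1n << 256n) - 189n;
const ORDER_BITS = N.toString(2).length; // 256

const bitLength = (k) => k.toString(2).length;

// Left-to-right double-and-add: the loop starts at the top set bit of k, so
// the number of group operations (and the run time) tracks the scalar's length.
function naiveMul(k, G) {
  let acc = 0n, ops = 0;
  for (let i = bitLength(k) - 1; i >= 0; i--) {
    acc = (acc + acc) % N; ops++;            // double on every bit
    if ((k >> BigInt(i)) & 1n) {             // add only on 1 bits
      acc = (acc + G) % N; ops++;
    }
  }
  return { value: acc, ops };
}

// Montgomery ladder over a fixed ORDER_BITS iterations: one add and one double
// per bit, leading zeros included, so the operation count is independent of k.
// This models operation counts only; JavaScript BigInt arithmetic is not itself
// constant-time, so a real implementation needs fixed-width field arithmetic.
function ladderMul(k, G) {
  let r0 = 0n, r1 = G % N, ops = 0;          // invariant: r1 - r0 = G
  for (let i = ORDER_BITS - 1; i >= 0; i--) {
    if ((k >> BigInt(i)) & 1n) {
      r0 = (r0 + r1) % N; r1 = (r1 + r1) % N;
    } else {
      r1 = (r0 + r1) % N; r0 = (r0 + r0) % N;
    }
    ops += 2;
  }
  return { value: r0, ops };
}

// Constructed sample scalars: one 13 bits long, one 256 bits long.
const SHORT_K = 0x1234n;
const LONG_K = (1n << 255n) + 0x1234n;
const G = 7n;

for (const k of [SHORT_K, LONG_K]) {
  console.log(`bits=${bitLength(k)} naive ops=${naiveMul(k, G).ops} ` +
              `ladder ops=${ladderMul(k, G).ops}`);
}
```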


Upgrade to version 8.0.13 or later.


Advisory timeline

  1. Advisory published: Apr 10th, 2020