CIRCL FourQ Elliptic Curve Low-Order Point Injection Vulnerability

Vulnerability

A vulnerability exists in CIRCL's implementation of the FourQ elliptic curve: points supplied during the Diffie-Hellman key exchange are not properly validated, so an attacker can inject low-order points. This flaw could force the identity point, undermining session security.

Impact

According to Red Hat, exploitation of this vulnerability could compromise session security in Diffie-Hellman key exchanges: low-order point injection could be used to force the identity point.

Reproduction

The vulnerability can be reproduced by calling CIRCL's Diffie-Hellman functions with the Curve4Q implementation and supplying low-order points, which are not properly validated. This is possible by manipulating the input to the ScalarMult function, which incorrectly verifies whether a point is on the curve.

Remediation

Users can upgrade to CIRCL version 1.6.1, which addresses the vulnerability by correcting the point validation issues. Instructions for upgrading are available in the CIRCL GitHub repository.

Added: Aug 6, 2025, 9:26 AM
Updated: Aug 6, 2025, 9:26 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 5.7
remediation: 7.7
relevance: 0.3
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.