We found cryptography bugs in the elliptic library using Wycheproof

Trail of Bits is publicly disclosing two vulnerabilities in elliptic, a widely used JavaScript cryptography library that is downloaded millions of times weekly. Both were discovered with the Wycheproof testing tool.

The first vulnerability allows EdDSA signature malleability: the library does not check that one of the signature's components lies within the allowed range. An attacker who holds a known message and signature pair can therefore derive further signatures that verify for the same message.

The second vulnerability, CVE-2024-48948, affects ECDSA signature verification: valid signatures fail to verify when the message hash has leading zeros. The library calculates the hash size only after converting the hash to a number object, and that conversion drops leading zero bytes, so the size is underestimated and the hash is truncated incorrectly, preventing correct verification.

One of these critical vulnerabilities remains unfixed despite a 90-day disclosure window that closed in October 2024. Trail of Bits emphasizes the importance of continuous testing of cryptographic libraries with tools like Wycheproof.

The disclosure process involved private reporting to the library maintainers through GitHub advisories. The EdDSA issue was promptly addressed, while the ECDSA issue saw a delayed response. The findings have significant security implications for projects relying on the elliptic library.
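As an added illustration (not elliptic's own code), the following models the ECDSA hash-truncation step with BigInt: the correct version measures the hash by the length of its byte array, while the defective version measures it after conversion to an integer, by which point leading zero bytes are gone. The 224-bit group order and the hash bytes are constructed sample values.

```javascript
// Model of the truncation step in ECDSA verification (illustration only, not
// elliptic's implementation). Per FIPS 186 the leftmost bitlen(n) bits of the
// hash are kept; the defect modelled here computes the hash size from the
// integer rather than from the original byte array.

function bytesToBigInt(bytes) {
  let v = 0n;
  for (const b of bytes) v = (v << 8n) | BigInt(b);
  return v;
}

// Bytes needed to encode v; leading zero bytes of the original hash are lost.
function bigIntByteLength(v) {
  let count = 0;
  while (v > 0n) { v >>= 8n; count++; }
  return count;
}

// sizeFromInteger=true reproduces the defect: size measured after conversion.
function truncateToN(hashBytes, nBits, sizeFromInteger) {
  const h = bytesToBigInt(hashBytes);
  const byteLength = sizeFromInteger ? bigIntByteLength(h) : hashBytes.length;
  const delta = byteLength * 8 - nBits;   // bits to drop from the right
  return delta > 0 ? h >> BigInt(delta) : h;
}

// Does the defective verifier derive the same truncated value as a correct
// signer would? A mismatch means a valid signature fails verification.
function verifierAgrees(hashBytes, nBits) {
  return truncateToN(hashBytes, nBits, false) === truncateToN(hashBytes, nBits, true);
}

// Constructed samples: 32-byte hashes checked against a 224-bit order, so the
// hash is longer than n and truncation actually happens.
const N_BITS = 224;
const HASH_NO_LEADING_ZERO = new Uint8Array(32).fill(0xa5);
const HASH_LEADING_ZERO = new Uint8Array(32).fill(0xa5);
HASH_LEADING_ZERO[0] = 0x00;   // first byte zero: the integer is one byte shorter

function demo() {
  return {
    plain: verifierAgrees(HASH_NO_LEADING_ZERO, N_BITS),  // true
    leadingZero: verifierAgrees(HASH_LEADING_ZERO, N_BITS), // false: shifts 24 bits, not 32
  };
}
```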