New ECC Crypto Vulnerability in NXP Chips

Card Products

Moderator: horse dream

tay00000
Posts: 155
Joined: Tue Sep 27, 2016 10:58 am
Points :2132
Contact:

New ECC Crypto Vulnerability in NXP Chips

Post by tay00000 » Fri Jan 08, 2021 11:20 am

Please note that new ECC crypto vulnerability has been discovered in NXP A700x chips.

The following NXP products are considered insecure:
J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF.

The following Feitian products are considered insecure by relying on NXP A700x chips relying on the ECC crypto for FIDO authentication and for ECC based cryptography:
- Feitian K9 token.

Relevant Links:
- https://nvd.nist.gov/vuln/detail/CVE-2021-3011 (NIST CVE Vulnerability Database Record)
- https://ninjalab.io/wp-content/uploads/ ... _titan.pdf (Research whitepaper)

Who is online

Users browsing this forum: No registered users and 2 guests

JavaCard OS : Disclaimer