Heartbleed Update (v3)
Over the weekend, an independent security researcher contacted Akamai about some defects in the software we use for memory allocation around SSL keys. We discussed Friday how we believed this had provided our SSL keys with protection against Heartbleed and had contributed the code back to the community. The code that we had contributed back was, as we noted, not a full patch, but would be a starting point for improving the openssl codebase.
In short: we had a bug. An RSA key has 6 critical values; our code would only attempt to protect 3 parts of the secret key, but does not protect 3 others. In particular, we only try to protect d, p, and q, but not d mod (p-1), d mod (q-1), or q^{-1} mod p. These intermediate extra values (the Chinese Remainder Theorem, or CRT, values) are calculated at key-generation time as a performance improvement. As the CRT values were not stored in the secure memory area, the possibility exists that these critical values for the SSL keys could have been exposed to an adversary exploiting the Heartbleed vulnerability. Given any CRT value, it is possible to calculate all 6 critical values.
As a result, we have begin the process of rotating all customer SSL keys/certificates. Some of these certificates will quickly rotate; some require extra validation with the certificate authorities and may take longer.
In parallel, we are evaluating the other claims made by the researcher, to understand what actions we can take to improve our customer protection.
By Andy Ellis
Source : TECH
Heartbleed Update (v3)
Click here for more : 👍