ROCA vulnerability – Universign’s plateform is not impacted

maxime Delorme
0 commentaires

ROCA vulnerability – Universign’s plateform is not impacted

CERT – Computer Emergency Response Team – confirms the ROCA vulnerability affects RSA key generation developed by Infineon Technologies AG. For more information, see “CERT-UK alert bulletin”.

The ROCA vulnerability arises from a problem with a software library used for RSA key generation embedded by many security products: token, smartcards, TLS certificates, chip card, ect.

A list of affected companies and services has been published which includes some eIDAS qualified Trust Service Providers.

Although all products used by Universign are a priori not concerned, we have tested all our RSA keys to detect weak and we successfully verified that we are not affected.

We remain vigilant and our teams continue to monitor potential vulnerability.

Leave a Reply

Your email address will not be published. Required fields are marked *

Test Universign