We found cryptography bugs in the elliptic library using Wycheproof

https://blog.trailofbits.com/2025/11/18/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/

113•crescit_eundo•1mo ago

Comments

binkHN•1mo ago

FYI: two vulnerabilities in elliptic, a widely used JavaScript library for elliptic curve cryptography

some_furry•1mo ago

The maintainer seems to have abandoned it: https://github.com/indutny/elliptic/issues

I wrote a shim library and posted it on their issue tracker: https://github.com/indutny/elliptic/issues/343

Unfortunately, adoption seems slow. I'm talking with a few people about how to move the ecosystem to something more secure like noble-curves, but it's tricky.

thephyber•1mo ago

If you really feel like helping the ecosystem update, you could file issues/PRs for all of the downstream NPM modules to switch to your shim library.

Remember to tell them what the problem is and how your library solves it.

some_furry•1mo ago

If you click "Show more" you'll see this: https://imgur.com/a/KLI8cjL

tuananh•1mo ago

> One vulnerability is still not fixed after a 90-day disclosure window that ended in October 2024. It remains unaddressed as of this publication.

curious why now. should they public it last year after 90-day disclosure window ended?

tptacek•1mo ago

They can publish it whenever they want. There's no actual rules about this stuff. The 90 window is a courtesy.

pseudohadamard•1mo ago

Specifically, there are responsible disclosure guidelines that came about to deal with the problem of people dropping 0day on a vendor with no prior warning. So the 90 days is a commonly-accepted amount of time to give a vendor to produce a fix. If the vendor needs more time they can request that the submitter give them an extension, although in this case it appears the vendor never responded, thus the repeated entries in the timeline saying "tried to contact vendor, no response" to show they tried to do the right thing.

tptacek•4w ago

No there aren't. "Responsible disclosure" is an Orwellian term invented by vendors to create the idea that publishing independent research without vendor permission is "irresponsible". It is absolutely not the case that researchers owe anybody 90 days, or are obligated to honor requests for extensions. Project Zero, which invented the 90-day-plus-extension system, does that as a courtesy.

dadrian•4w ago

The 90-day disclosure window is an arbitrary courtesy, not a binding contract about the behavior of either party. They probably had other things to do.

throwaway81523•1mo ago

It's very hard to get stuff right with the secp curves. That's one of the reasons for the move to curve25519 and similar. The book "Guide to Elliptic Curve Cryptography" by Hankerson, Menezes, and Vanstone is mostly very careful step by step instruction of how to do secp* arithmetic properly. It would still be useful to have some formal verification to help the assurance of of any particular implementation.

pseudohadamard•1mo ago

25519 just brings in a different set of problems though, see for example https://hdevalence.ca/blog/2020-10-04-its-25519am, and @mmsc's post above which barely scratches the surface.

Ar-Curunir•4w ago

There are complete formulae for all prime-order Weierstrass curves. The work for secure implementation of prime-order curves is now simpler than for Edwards elliptic curves.

mmsc•1mo ago

(2024).

There are other vulnerabilities in that library too. I reported some (with some PRs) https://github.com/indutny/elliptic/pull/338, https://github.com/indutny/elliptic/pull/337, https://github.com/indutny/elliptic/issues/339 but I assume they'll never get fixed.

The library is dead and should be marked as vulnerable on npmjs tbh.

Local Agent Bench: Test 11 small LLMs on tool-calling judgment, on CPU, no GPU

Show HN: AboutMyProject – A public log for developer proof-of-work

Expertise, AI and Work of Future [video]

So Long to Cheap Books You Could Fit in Your Pocket

PID Controller

SpaceX Rocket Generates 100GW of Power, or 20% of US Electricity

Kubernetes MCP Server

I Built a Movie Recommendation Agent to Solve Movie Nights with My Wife

What were the first animals? The fierce sponge–jelly battle that just won't end

Sidestepping Evaluation Awareness and Anticipating Misalignment

OldMapsOnline

What It's Like to Be a Worm

Don't go to physics grad school and other cautionary tales

Lawyer sets new standard for abuse of AI; judge tosses case

AI anxiety batters software execs, costing them combined $62B: report

Bogus Pipeline

Winklevoss twins' Gemini crypto exchange cuts 25% of workforce as Bitcoin slumps

How AI Is Reshaping Human Reasoning and the Rise of Cognitive Surrender

Cycling in France

Ask HN: What breaks in cross-border healthcare coordination?

Show HN: Simple – a bytecode VM and language stack I built with AI

Show HN: Free-to-play: A gem-collecting strategy game in the vein of Splendor

My Eighth Year as a Bootstrapped Founde

Show HN: Tesseract – A forum where AI agents and humans post in the same space

Show HN: Vibe Colors – Instantly visualize color palettes on UI layouts

OpenAI is Broke ... and so is everyone else [video][10M]

We interfaced single-threaded C++ with multi-threaded Rust

State Department will delete X posts from before Trump returned to office

AI Skills Marketplace

Show HN: A fast TUI for managing Azure Key Vault secrets written in Rust