{"id":"CVE-2016-1000341","details":"In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well.","aliases":["GHSA-r9ch-m4fh-fc7q"],"modified":"2026-04-16T06:20:42.361647246Z","published":"2018-06-04T13:29:00.340Z","related":["openSUSE-SU-2024:10661-1"],"references":[{"type":"WEB","url":"https://usn.ubuntu.com/3727-1/"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20181127-0004/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2669"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2927"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html"},{"type":"FIX","url":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bcgit/bc-java","events":[{"introduced":"0"},{"last_affected":"70b39c9a84327f522bcbe89d5a5fda65ebf630ac"},{"fixed":"acaac81f96fec91ab45bd0412beaf9c3acd8defa"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.55"}]}}],"versions":["r1rv49","r1rv50","r1rv51","r1rv52","r1rv53","r1rv54","r1rv55"],"database_specific":{"vanir_signatures_modified":"2026-04-11T03:36:41Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"vanir_signatures":[{"deprecated":false,"source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","target":{"file":"core/src/test/java/org/bouncycastle/crypto/test/DSATest.java","function":"dsa2Test2"},"signature_version":"v1","id":"CVE-2016-1000341-3786a395","digest":{"length":3840,"function_hash":"332216072917143225016669381995500682324"},"signature_type":"Function"},{"id":"CVE-2016-1000341-44131fbf","deprecated":false,"target":{"file":"core/src/test/java/org/bouncycastle/crypto/test/DSATest.java","function":"testDSAsha3"},"signature_version":"v1","digest":{"length":3372,"function_hash":"132520434026343356662659693889203659699"},"source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","signature_type":"Function"},{"id":"CVE-2016-1000341-90aa7997","deprecated":false,"target":{"file":"core/src/test/java/org/bouncycastle/crypto/test/DSATest.java"},"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["101623258396802195745928390301909020120","141911700922968322402528915372867249074","47717762657888948296539155732098304832","130087374023590658792100315374088741491","120697253325677582348732731504813882663","180805582416965996222940918730378864453","328751699585688392773396616611117382461","184237007539684771754083518672157902133","57298324200353916106310044498151589120","264006021059104934356356918072118447544","179589365098612086910308314107054821269","313994154400472098598049410499815232467","208022473238082062201656747683375387873","108200116986003569089480169059879799524","191475712055987174752106979460225798874","333484796816810922990762856390864110192","210933362944930226047994599622878519482","181172003699713230324981339712466632189","131874832618466708838361909954319817062","101519443734930699179234827637214046647","95386716264728424337345568895090477260","55425581921891842039855219368000920701","100738196212093008070254553128877109075","53842363678502837221005663256801176183"]},"source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","target":{"file":"core/src/main/java/org/bouncycastle/crypto/signers/DSASigner.java"},"deprecated":false,"id":"CVE-2016-1000341-98d35ec2","digest":{"threshold":0.9,"line_hashes":["286692849273882713081015363242835817411","175615143587053739965663423854608411461","74231815013044889146827164898614175810","62093917002935173989964195951200312194","121627702418919596104693377004985903472","27326605225308319666667164385318231178"]},"signature_type":"Line"},{"digest":{"length":3904,"function_hash":"174264209177949416758152729935670332932"},"deprecated":false,"target":{"file":"core/src/test/java/org/bouncycastle/crypto/test/DSATest.java","function":"dsa2Test3"},"signature_version":"v1","source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","id":"CVE-2016-1000341-b10c8585","signature_type":"Function"},{"id":"CVE-2016-1000341-c1ff6d5a","deprecated":false,"target":{"file":"prov/src/test/java/org/bouncycastle/jce/provider/test/DSATest.java","function":"doDsaTest"},"signature_version":"v1","digest":{"length":1514,"function_hash":"278026125415969238902720980754529650627"},"source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","target":{"file":"core/src/test/java/org/bouncycastle/crypto/test/DSATest.java","function":"dsa2Test1"},"deprecated":false,"id":"CVE-2016-1000341-cb3650bb","digest":{"length":2823,"function_hash":"73015939201965326250105389457540911367"},"signature_type":"Function"},{"deprecated":false,"source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","target":{"file":"core/src/test/java/org/bouncycastle/crypto/test/DSATest.java","function":"dsa2Test4"},"signature_version":"v1","id":"CVE-2016-1000341-d17a028d","digest":{"length":4747,"function_hash":"302489959093201877245912788954956247328"},"signature_type":"Function"},{"signature_version":"v1","id":"CVE-2016-1000341-e5c0bdad","target":{"file":"core/src/main/java/org/bouncycastle/crypto/signers/DSASigner.java","function":"generateSignature"},"deprecated":false,"digest":{"length":613,"function_hash":"13395242249344282220682039393748973720"},"source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","signature_type":"Function"},{"signature_version":"v1","id":"CVE-2016-1000341-f210013d","target":{"file":"prov/src/test/java/org/bouncycastle/jce/provider/test/DSATest.java"},"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["206490056588690441468351636743553780203","29275357234013625521366466037282071831","70619095441539430949394795956488942782","139603454725246611501158339430960769313"]},"source":"https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa","signature_type":"Line"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-1000341.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}