CVE-2024-23342: 
Python vulnerability analysis and mitigation

The ecdsa PyPI package, a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA, EdDSA, and ECDH, has been found vulnerable to the Minerva attack in versions 0.18.0 and prior. The vulnerability was discovered in January 2024 and assigned CVE-2024-23342. The vulnerability affects the package's implementation of ECDSA signature generation (GitHub Advisory).

The vulnerability stems from a timing side-channel leak during scalar multiplication operations in ECDSA signature generation. The implementation leaks the bit-length of the random nonce used in signing operations, which can be exploited through statistical analysis of signature timing measurements. The vulnerability has been assigned a CVSS v3.1 base score of 7.4 (High), with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N (GitHub Advisory).

An attacker who can measure the duration of hundreds to thousands of signing operations of known messages can potentially recover the private key. The attack requires observing timing differences in signature generation, with less noise in measurement requiring fewer signatures. The computation of the private key can be completed in seconds or minutes once sufficient signatures are collected (Minerva).

As of the vulnerability disclosure, no patched version exists. The project's security policy states that side-channel vulnerabilities are outside the scope of the project, not because they don't want side-channel secure implementation, but because the main goal is to be pure Python and implementing side-channel free code in pure Python is impossible. Users are advised to use quality wrappers around OpenSSL, such as pyca/cryptography, for security-critical applications (Security Policy).