Whose Curve Is It Anyway

What is this?

Windows failed to validate X509 certificates correctly (CVE-2020-0601), which breaks TLS (used for https), code signing, and signing of some files and emails. This could allow attackers to impersonate websites or sign malicious code. If you are running Windows, it’s extremely important to update. For more information, the NSA (who originally discovered and reported this vulnerability) released some excellent guidance. This website contains a proof-of-concept exploit you can use to test whether your computer is vulnerable.

Am I affected?

Click here and see! If that link loads for you, the answer is definitely yes. If that link doesn’t load, it’s still possible, but only if you haven’t applied Windows updates. If you follow the steps on the Microsoft website, you should be safe.

Firefox is unaffected by this bug as it does not use Windows APIs for trust evaluation. Edge and Chrome (and Chromium-derived browsers) are potentially affected. However, the Chrome team has pushed a mitigation to their stable channel so exploitation on Chrome requires both the browser and Windows 10 itself to remain unpatched.


Does this mean Windows Update can’t be trusted?

No, Windows Update uses pinned RSA certificates and binaries are signed, so it’s pretty much fine.

Will this website help attackers use this bug to nefarious ends?

No, reusing our proof-of-concept requires knowing a certificate private key, and we’re not sharing.

Who’s behind this website?

Trail of Bits

How does the math behind this work?

Check out our blog post on the subject.

Does this mean elliptic curve cryptography is worse than RSA?

Absolutely not