GnuPG closes leak in encryption library that allows RSA key discovery
Several scientists, including researchers from Eindhoven University of Technology, have found a leak in the encryption library libgcrypt, which is part of GnuPG. A patch has been released for the vulnerability, which allows a 1024-bit RSA key to be recovered.
The research, which The Register reported on, describes a side-channel attack that allows a 1024-bit key to be recovered. The same is possible for a 2048-bit key, although that requires more computing power. The vulnerability stems from the use of a sliding-window method of exponentiation that leaks information about the key. To demonstrate the vulnerability, the researchers used a so-called ‘flush + reload’ attack on a system’s memory.
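To show why a sliding-window exponentiation leaks, here is an added illustration (not libgcrypt's code, and not the researchers' attack tooling): a textbook left-to-right sliding window records its square/multiply sequence, a `recover_bits` helper shows which exponent bits that sequence alone pins down, and a fixed-window variant shows a schedule whose sequence depends only on the exponent length. The modulus, base and window width are constructed test values.

```python
# Added illustration (not libgcrypt's code): a sliding-window exponentiation's
# square/multiply sequence depends on exponent bits; a fixed-window one does not.
def sliding_window_pow(base, exp, mod, w=4):  # -> (base**exp % mod, 'S'/'M' trace)
    table = {1: base % mod}
    for i in range(3, 1 << w, 2):          # precompute odd powers base^3, base^5, ...
        table[i] = table[i - 2] * base * base % mod
    bits = bin(exp)[2:]
    result, trace, i = 1, [], 0
    while i < len(bits):
        if bits[i] == '0':                 # bare zero: one square, no multiply
            result, i = result * result % mod, i + 1
            trace.append('S')
            continue
        j = min(i + w, len(bits))          # window of <= w bits that ends in a 1
        while bits[j - 1] == '0':
            j -= 1
        for _ in range(j - i):
            result = result * result % mod
            trace.append('S')
        result = result * table[int(bits[i:j], 2)] % mod
        trace.append('M')
        i = j
    return result, trace

def recover_bits(trace, w=4):  # exponent bits an observed trace pins down ('?' = unknown)
    nbits = trace.count('S')
    known, pos, run_start = ['?'] * nbits, 0, 0
    for op in trace:
        if op == 'S':
            pos += 1
            continue
        known[pos - 1] = '1'               # every window ends in a 1 bit
        for k in range(run_start, pos - w):  # squares more than w before the M: bare zeros
            known[k] = '0'
        run_start = pos
    for k in range(run_start, nbits):      # no multiply after the last window: zeros
        known[k] = '0'
    return ''.join(known)

def fixed_window_pow(base, exp, mod, w=4):  # w squares then one multiply per digit, always
    table = [pow(base, k, mod) for k in range(1 << w)]  # lookup index must also be uniform in real code
    result, trace = 1, []
    for d in range((exp.bit_length() + w - 1) // w - 1, -1, -1):
        for _ in range(w):
            result = result * result % mod
            trace.append('S')
        result = result * table[(exp >> (d * w)) & ((1 << w) - 1)] % mod
        trace.append('M')
    return result, trace
```

An exponent such as 0x8000 is recovered completely from its trace, while the fixed-window trace for 0x8000 and 0xB0B1 is identical; making the operation sequence and the table access independent of the key is the general countermeasure, which is not a claim about how libgcrypt's own patch was implemented.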
GnuPG developer Werner Koch writes in the patch announcement that the attack assumes the attacker is able to run software of their own choosing on the hardware of the machine that holds the private keys, which is generally considered a game-over scenario anyway. In that situation there would be easier ways to obtain the key. However, the attack does affect virtual machines that share memory. The NCSC has adopted this in its advisory.
According to Packet Storm, patches are available for Debian and Ubuntu for vulnerability CVE-2017-7526, and Fedora also has a patch available. GnuPG stands for GNU Privacy Guard and is often abbreviated to GPG. It is a collection of tools for securing communication and data: it can be used to encrypt data and create digital signatures, and it provides a framework for public-key cryptography. It supports both the OpenPGP and S/MIME standards. The TU Eindhoven researchers who took part in the study are Tanja Lange, Christine van Vredendaal and Leon Groot Bruinderink.