[Bug 891018] New: libgcrypt 1.5.4 remediates side-channel attack on Elgamal encryption subkeys
https://bugzilla.novell.com/show_bug.cgi?id=891018
https://bugzilla.novell.com/show_bug.cgi?id=891018#c0

Summary: libgcrypt 1.5.4 remediates side-channel attack on Elgamal encryption subkeys
Classification: openSUSE
Product: openSUSE 13.1
Version: Final
Platform: All
OS/Version: openSUSE 13.1
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
AssignedTo: security-team@suse.de
ReportedBy: Andreas.Stieger@gmx.de
QAContact: qa-bugs@suse.de
Found By: ---
Blocker: ---
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0
From http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html
While evaluating the "Get Your Hands Off My Laptop" [1] paper I missed to describe [2] a software combination which has not been fixed and is thus vulnerable to the attack described by the paper.

If you are using a GnuPG version with a *Libgcrypt version < 1.6.0*, it is possible to mount the described side-channel attack on Elgamal encryption subkeys. To check whether you are using a vulnerable Libgcrypt version, enter

    gpg2 --version

on the command line; the second line of the output gives the Libgcrypt version:

    gpg (GnuPG) 2.0.25
    libgcrypt 1.5.3

In this example Libgcrypt is vulnerable. If you see 1.6.0 or 1.6.1 you are fine. GnuPG versions since 1.4.16 are not affected because they do not use Libgcrypt.

The recommendation is to update any Libgcrypt version below 1.6.0 to at least the latest version from the 1.5 series which is 1.5.4. Updating to 1.6.1 is also possible but that requires to rebuild GnuPG.

Libgcrypt 1.5.4 has been released yesterday [3]; for convenience I include the download instructions below. A CVE-id has not yet been assigned.

Many thanks to Daniel Genkin for pointing out this problem.

Shalom-Salam,

   Werner

[1] http://www.cs.tau.ac.il/~tromer/handsoff
[2] http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000349.html
[3] http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000351.html

Reproducible: Didn't try
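Added example (not part of the original announcement or bug report): a shell helper that applies the version check described above to the output of gpg2 --version. The function names and the second sample are constructed for illustration; the thresholds 1.5.4 and 1.6.0 are the ones stated in the announcement.

```shell
#!/bin/sh
# Added example: classify the Libgcrypt version printed by `gpg2 --version`.

# ver_lt A B: succeed if dotted version A is numerically lower than B.
ver_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "lower than"
    }'
}

# Print the version from the "libgcrypt X.Y.Z" line, or nothing if absent.
libgcrypt_version() {
    printf '%s\n' "$1" | sed -n 's/^libgcrypt \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Classify the full text of `gpg2 --version` (passed as one argument).
classify_gpg_output() {
    v=$(libgcrypt_version "$1")
    if [ -z "$v" ]; then
        echo "no-libgcrypt"        # e.g. GnuPG 1.4.x, which does not use Libgcrypt
    elif ver_lt "$v" 1.5.4; then
        echo "vulnerable $v"       # below the fixed 1.5 release
    elif ver_lt "$v" 1.6.0; then
        echo "fixed-1.5 $v"        # 1.5 series with the backported fix
    else
        echo "fixed $v"            # 1.6.0 or later
    fi
}

# Sample from the announcement, plus a constructed sample after the update.
SAMPLE_OLD='gpg (GnuPG) 2.0.25
libgcrypt 1.5.3'
SAMPLE_NEW='gpg (GnuPG) 2.0.25
libgcrypt 1.5.4'

for s in "$SAMPLE_OLD" "$SAMPLE_NEW"; do
    classify_gpg_output "$s"
done
```

On a live system, call it as: classify_gpg_output "$(gpg2 --version)"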
https://bugzilla.novell.com/show_bug.cgi?id=891018#c1
Andreas Stieger
From http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000351.html
Noteworthy changes in version 1.5.4 (2014-08-07)
================================================

 * Declare 2016-12-31 as end-of-life for 1.5.

 Backported from 1.6:

 * Improved performance of RSA, DSA, and Elgamal by using a new exponentiation algorithm.
 * Fixed a subtle bug in mpi_set_bit which could set spurious bits.
 * Fixed a bug in an internal division function.

Recommend update libgcrypt 1.5.3 to 1.5.4 for both openSUSE 12.3 and 13.1. Factory is on 1.6.1