GnuPG Crypto Library libgcrypt Cracked Via Side-Channel

Use Netsparker


Some clever boffins including Internet software pioneer djb have gotten libgcrypt cracked via a Side-Channel attack which has to do with the direction of a sliding window carried out in the library.

GnuPG Crypto Library libgcrypt Cracked Via Side-Channel

Patches have already been released so update your Linux servers ASAP, even though honestly it seems like a fairly theoretical attack (this side-channel attack requires that the attacker can run arbitrary software on the hardware where the private RSA key is used) it’s been treated as critical so upgrades are highly recommended.

However, on boxes with virtual machines this attack may be used by oneVM to steal private keys from another VM – which is very common and makes this significantly higher risk.

Linux users need to check out their distributions to see if a nasty bug in libgcrypt20 has been patched.

The patch, which has landed in Debian and Ubuntu, is to address a side-channel attack published last week.

The researchers published their work at the International Association for Cryptologic Research’s e-print archive last week. The paper was authored by Daniel Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom (who hail variously from the Technical University of Eindhoven, the University of Illinois, the University of Pennsylvania, the University of Maryland, and the University of Adelaide).

What they found is that the libgcrypt library used what’s called “sliding windows”, a method for carrying out the mathematics of cryptography – but one that’s known to leak data.


The technique they are using (which chains together various methodologies) can carry out very efficient full key recovery for RSA-1024.

You can read the full paper here: Sliding right into disaster: Left-to-right sliding windows leak [PDF]

The researchers looked at the left-to-right sliding window calculation in libgcrypt, in which the sliding window data leak was tolerated because it was believed only part of a key was recoverable (40 percent of bits in a four-bit sliding window; 33 percent in a five-bit sliding window).

What they found was an unpleasant surprise: a complete break of the library’s RSA-1024: “We show for the first time that the direction of the encoding matters: the pattern of squarings and multiplications in left-to-right sliding windows leaks significantly more information about the exponent than right-to-left”.

To get at the processing, the researchers also needed to carry out a side-channel attack, specifically a flush+reload cache-timing attack “that monitors the target’s cache access patterns”.

The vulnerability has been assigned a CVE 2017-7526 – and it’s reserved but the details haven’t been published there (I guess they are waiting until the patch is widespread).

Ubuntu Linux 16.04 LTS & 14.04 LTS are both vulnerable as are Debian Linux 6.0 and all Gnupg Libgcrypt versions pretty much 1.7.7 and below.

The GnuPG announcement is here: [Announce] Libgcrypt 1.7.8 released to fix CVE-2017-7526

Source: The Register

Posted in: Cryptography, Exploits/Vulnerabilities


Latest Posts:


Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.
How To Recover When Your Website Got Hacked How To Recover When Your Website Got Hacked
The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don't know what to do, or even where to start.
HTTrack - Website Downloader Copier & Site Ripper Download HTTrack – Website Downloader Copier & Site Ripper Download
HTTrack is a free and easy-to-use offline browser utility which acts as a website downloader and a site ripper for copying websites and downloading them for offline viewing.
sshLooter - Script To Steal SSH Passwords sshLooter – Script To Steal SSH Passwords
sshLooter is a Python script using a PAM module to steal SSH passwords by logging the password and notifying the admin of the script via Telegram when a user logs in.
Intercepter-NG - Android App For Hacking Intercepter-NG – Android App For Hacking
Intercepter-NG is a multi functional network toolkit including an Android app for hacking, the main purpose is to recover interesting data from the network stream and perform different kinds of MiTM attacks.


Comments are closed.