acm-header
Sign In

Communications of the ACM

Home/News/Researchers Crack 1024-Bit Rsa Encryption in Gnupg.../Full Text
ACM News

Researchers Crack 1024-Bit Rsa Encryption in Gnupg Crypto Library

By The Hacker News
July 5, 2017
Comments
View as: Print Mobile App Share:
Gnu Privacy Guard (GnuPG or GPG) is popular open source encryption software used by many operating systems from Linux and FreeBSD to Windows and macOS X.

A team of researchers found that the "left-to-right sliding window" method used by the libgcrypt library for carrying out the mathematics of cryptography leaks significantly more information about exponent bits than for right-to-left, allowing full RSA ke

Credit: The Hacker News

Security boffins have discovered a critical vulnerability in a GnuPG cryptographic library that allowed the researchers to completely break RSA-1024 and successfully extract the secret RSA key to decrypt data.

Gnu Privacy Guard (GnuPG or GPG) is popular open source encryption software used by many operating systems from Linux and FreeBSD to Windows and macOS X.

It's the same software used by the former NSA contractor and whistleblower Edward Snowden to keep his communication secure from law enforcement.

The vulnerability, labeled CVE-2017-7526, resides in the Libgcrypt cryptographic library used by GnuPG, which is prone to local FLUSH+RELOAD side-channel attack.

 

From The Hacker News
View Full Article

 

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account