GnuPG crypto vulnerability exposed

A team of security researchers from several universities have cracked the 1024-bit RSA encryption in theLibgcrypt cryptographic library used by GnuPG.

According to an abstract from the research paper, the security experts “demonstrate a complete break of RSA-1024 as implemented in Libgcrypt.

Our attack makes essential use of the fact that Libgcrypt uses the left-to-right method for computing the sliding-window expansion.” 

Libgcrypt is part of the GnuPG code base and is used popular implementation of the OpenPGP standard and applications such as encrypted email and files.

GnuPG has released a new version of Libgcrypt (1.7.8) that fixes the vulnerability here

Leave a Reply

Your email address will not be published. Required fields are marked *