Libgcrypt/GnuPG Hit By Critical Security Problem Since 1998
Werner Koch today publicly announced that Libgcrypt and GnuPG have a "critical security problem" that affects all versions released prior to today, on all platforms.
Koch noted in today's security announcement, "Felix Dörre and Vladimir Klebanov from the Karlsruhe Institute of Technology found a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and Libgcrypt versions."
This issue is CVE-2016-6316. Again, all Libgcrypt and GnuPG versions are affected on all platforms. Werner added, "A first analysis on the impact of this bug in GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information. This needs more research and I would suggest _not to_ overhasty revoke keys."