[Announce] [security fix] Libgcrypt and GnuPG
Werner Koch
wk at gnupg.org
Mon Aug 11 10:21:55 CEST 2014
Hi,
[94 lines of full quote deleted - pretty please strip quote to what is
needed. I nearly missed your question]
On Sat, 9 Aug 2014 22:52, branko at majic.rs said:
> Skimming through the description, does it mean that users with OpenPGP
> cards should be impervious to this attack? Can the attack be used to
> leak symmetric keys during the GnuPG operation?
It is unlikely that this particular attack can be used against smart
cards. They are quite different from a general purpose PC. Modern
cards are designed to mitigate many classes of side-channel attacks
since cards started to be targeted more than 25 years ago.
The private keys are only on the card and not accessible from the PC.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gcrypt-devel
mailing list