[Announce] [security fix] Libgcrypt and GnuPG

Branko Majic branko at majic.rs
Fri Aug 22 20:50:19 CEST 2014


On Mon, 11 Aug 2014 10:21:55 +0200
Werner Koch <wk at gnupg.org> wrote:

> On Sat,  9 Aug 2014 22:52, branko at majic.rs said:
> 
> > Skimming through the description, does it mean that users with OpenPGP
> > cards should be impervious to this attack? Can the attack be used to
> > leak symmetric keys during the GnuPG operation?
> 
> It is unlikely that this particular attack can be used against smart
> cards.  They are quite different from a general purpose PC.  Modern
> cards are designed to mitigate many classes of side-channel attacks
> since cards started to be targeted more than 25 years ago.
> 
> The private keys are only on the card and not accessible from the PC.
> 

I should've been more specific with my question (or perhaps I
misunderstood the answer a bit :)

If I understand correctly (please do correct me if not), when
encrypting/decrypting a file with GnuPG using an OpenPGP card, a
symmetric key is created that will encrypt the file, and subsequently
this symmetric key will be encrypted using the OpenPGP card, with the
encrypted symmetric key becoming part of the encrypted file.

This symmetric key is generated outside of the OpenPGP card (if I got
it right), and encryption/decryption of a file itself is performed
outside of the OpenPGP card (i.e. on host computer).

Can the attack be used to obtain this symmetric key for encrypting the
file during encryption/decryption operations performed by GnuPG?

Best regards

P.S.
Sorry for the original lost quote, I'll try to keep 'em shorter :)

-- 
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.



More information about the Gcrypt-devel mailing list