CVE-2019-12904 and the next libgcrypt release.

Werner Koch wk at
Sun Jun 23 17:49:54 CEST 2019

On Fri, 21 Jun 2019 20:08, gcrypt-devel at said:


See where I commented:

 Andreas, I wonder on which grounds you assigned a CVE for this claimed
 side-channel attack. The mentioned paper is about an old RSA
 side-channel and not on AES.  I would like to see more facts than the
 reference to a guy who "knows PPC pretty well".



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gcrypt-devel mailing list