Side-channel vulnerability in libgcrypt - the Marvin Attack

Stephan Verbücheln verbuecheln at
Fri Mar 15 13:37:16 CET 2024


Thank you for your work and sharing your results!

How about the use case of interactively authenticating to a server
which is not controlled by oneself and therefore not fully trusted?
Since the authentication is interactive, the timing could matter.

For example, I am using my PGP key for SSH public-key authentication to and alike.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the Gcrypt-devel mailing list