[PATCH libgcrypt] Disable CPU speculation-related misfeatures
Falko Strenzke
falko.strenzke at mtg.de
Tue May 27 07:24:37 CEST 2025
Hi Guido,
is it possible to provide references to publications for the problem
that you aim to solve?
Best regards,
Falko
On 26.05.25 at 19:11, Guido Trentalancia via Gcrypt-devel wrote:
> The vulnerabilities being tackled by the patch proposed here are
> hardware vulnerabilities that exist in the CPU.
>
> They were introduced with branch-prediction and other speculative-
> execution CPU optimizations.
>
> Because, once exploited, they materialize in Information Disclosure
> (data leaks), cryptographic software is the most affected class of
> software, because cryptographic keys or encrypted data can be leaked.
>
> Unfortunately, not all such hardware vulnerabilities can be tackled
> by a CPU microcode update; some of them need to be tackled in software:
> this is what this patch aims to do (software-based mitigation of
> hardware vulnerabilities).
>
> An equivalent patch has already been proposed for the gnupg application
> and another one might be proposed for the gnutls library.
>
> In fact, only tackling libgcrypt is not enough, because cryptographic
> applications such as gnupg also handle the cryptographic keys (e.g.
> passphrases) and the sensitive data to be encrypted: these are then
> passed to the libgcrypt cryptographic functions for actual encryption
> and decryption.
>
> The "pros" of this patch are that it avoids the risk of leaking
> cryptographic keys or decrypted data on CPUs that are affected by those
> vulnerabilities.
>
> The "cons" of this patch are decreased execution speed: this is not
> normally noticeable to the user.
>
> I hope this helps.
>
> On Mon, 26/05/2025 at 16.53 +0200, Werner Koch wrote:
>> On Sun, 25 May 2025 17:25, Guido Trentalancia said:
>>> Disable CPU speculation-related misfeatures which are in
>>> fact vulnerabilities causing data leaks:
>> Please see my comments on gnupg-devel.
>>
>>
>> Shalom-Salam,
>>
>> Werner
>>
--
*MTG AG*
Dr. Falko Strenzke
Phone: +49 6151 8000 24
E-Mail: falko.strenzke at mtg.de
Web: mtg.de <https://www.mtg.de>
------------------------------------------------------------------------
MTG AG - Dolivostr. 11 - 64293 Darmstadt, Germany
Commercial register: HRB 8901
Register Court: Amtsgericht Darmstadt
Management Board: Jürgen Ruf (CEO), Tamer Kemeröz
Chairman of the Supervisory Board: Dr. Thomas Milde
This email may contain confidential and/or privileged information. If
you are not the correct recipient or have received this email in error,
please inform the sender immediately and delete this email. Unauthorised
copying or distribution of this email is not permitted.
Data protection information: Privacy policy
<https://www.mtg.de/en/privacy-policy>