Continuing with: Account request + libgcrypt security finding

Bert van der Weerd bert at teamspicy.net
Fri Apr 17 00:19:00 CEST 2026


Hi Werner,

Thanks for providing closure on this. I've archived it, and if in the 
future stuff needs to be done about it, we can be a step closer.

Thanks,
--Bert

On 4/16/26 10:36 AM, Werner Koch wrote:
> GCM as well as all other counter modes are pretty fragile and there are
> a lot of conditions which lead to catastrophic failures.  So better
> avoid GCM and use a robust mode like OCB.
>
> I do not consider this a bug because it is improper use of the
> algorithms.  Right, we may check whether set_iv has been used but it
> won't be possible to check for nonce re-use - that is the caller's duty.
>
> Let us open a feature request to return a GPG_ERR_MISSING_ACTION error
> if set_iv has not been used.
>
>
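One way for a caller to meet the duty described in the quoted reply (added example, not code from libgcrypt or from anyone in this thread): a per-key nonce source that never repeats a value and refuses an encryption when no new nonce was taken. The struct, the nonce_* functions and the 4-byte fixed field plus 8-byte counter layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define GCM_NONCE_LEN 12 /* 96-bit nonce */

/* Hypothetical caller-side state, one per key; not a libgcrypt type. */
struct nonce_ctx {
    uint8_t  fixed[4]; /* assumed layout: separates senders sharing a key */
    uint64_t next;     /* invocation counter, never rewound */
    uint64_t limit;    /* rekey once this many nonces were issued */
    int      fresh;    /* 1 = nonce issued and not yet used */
};

void nonce_init(struct nonce_ctx *c, const uint8_t fixed[4], uint64_t limit)
{
    *c = (struct nonce_ctx){ .limit = limit }; /* next = 0, fresh = 0 */
    memcpy(c->fixed, fixed, 4);
}

/* Write the next unique nonce; -1 means the key is used up, rekey. */
int nonce_next(struct nonce_ctx *c, uint8_t out[GCM_NONCE_LEN])
{
    if (c->next >= c->limit)
        return -1;
    memcpy(out, c->fixed, 4);
    for (int i = 0; i < 8; i++) /* big-endian counter */
        out[4 + i] = (uint8_t)(c->next >> (56 - 8 * i));
    c->next++;
    c->fresh = 1;
    return 0;
}

/* Call right before each encryption; -1 if no new nonce was taken. */
int nonce_consume(struct nonce_ctx *c)
{
    if (!c->fresh)
        return -1;
    c->fresh = 0;
    return 0;
}

int main(void)
{
    struct nonce_ctx c;
    uint8_t n[GCM_NONCE_LEN], fixed[4] = {1, 2, 3, 4}; /* constructed */
    nonce_init(&c, fixed, 3);
    while (nonce_next(&c, n) == 0 && nonce_consume(&c) == 0)
        printf("issued nonce with counter byte %u\n", n[11]);
    return 0;
}
```

The value written by nonce_next is what would be passed to gcry_cipher_setiv. The counter has to be stored persistently, since restarting it at zero under the same key repeats nonces.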

