Cross-VM Side Channels and Their Use to Extract Private Keys

Casey Marshall casey.marshall at gmail.com
Fri Nov 9 21:33:04 CET 2012


Today I found this paper, "Cross-VM Side Channels and Their Use to Extract
Private Keys", available at
http://blogs.rsa.com/juels/stealing-your-neighbors-keys-with-a-drinking-glass/.

Are there any plans to harden GnuPG and libgcrypt against side-channel attacks?

I understand GnuPG is not recommended for local multi-user
deployments, but for better or worse, an increasing number of
applications are being hosted in virtualized environments.

Thanks,
Casey



More information about the Gnupg-devel mailing list