Silk Road forums
Discussion => Security => Topic started by: abby on August 04, 2013, 11:41 am
-
http://www.debian.org/security/2013/dsa-2730
Debian Security Advisory
DSA-2730-1 gnupg -- information leak
Date Reported: 29 Jul 2013
Affected Packages: gnupg (http://packages.debian.org/src:gnupg)
Vulnerable: Yes
Security database references:
In the Debian bugtracking system: Bug 717880 (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717880).
In Mitre's CVE dictionary: CVE-2013-4242 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242).
More information: Yarom and Falkner discovered that RSA secret keys could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system.
This update fixes this issue for the 1.4 series of GnuPG. GnuPG 2.x is affected through its use of the libgcrypt11 library, a fix for which will be published in DSA 2731.
For the oldstable distribution (squeeze), this problem has been fixed in version 1.4.10-4+squeeze2.
For the stable distribution (wheezy), this problem has been fixed in version 1.4.12-7+deb7u1.
For the unstable distribution (sid), this problem has been fixed in version 1.4.14-1.
We recommend that you upgrade your gnupg packages.
-
I forgot to post this as well, which gives more information
http://eprint.iacr.org/2013/448 (http://eprint.iacr.org/2013/448)
Cryptology ePrint Archive: Report 2013/448
Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack
Yuval Yarom and Katrina Falkner
Abstract: Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy program to recover over 98% of the bits of the private key in a single decryption or signing round. Unlike previous attacks, the attack targets the last level L3 cache. Consequently, the spy program and the victim do not need to share the execution core of the CPU. The attack is not limited to a traditional OS and can be used in a virtualised environment, where it can attack programs executing in a different VM.
Category / Keywords: Side Channel Attack, Cache, RSA, Exponentiation
Date: received 18 Jul 2013
Contact author: yval at cs adelaide edu au
Version: 20130722:123058 (All versions of this report)
-
Hm... interesting. For anybody who doesn't make computers their hobby, this requires that someone either have access to your machine locally or that they load a virus on to it remotely or something like that -- if they can't execute anything on your computer, then they can't use this attack to steal your private keys :)
If you use Tails or some other live CD that you can't really update, I wouldn't worry about it. Don't get me wrong, it is a risk, but I wouldn't switch operating systems because of it or anything.
-
I use GPG4USB, there hasn't been a new build in a while.
-
thanks for the post and the link, don't know how I missed that on the debian page. +1
-
I use GPG4USB, there hasn't been a new build in a while.
the release is dated 25/7, so if you go back and check, you'll see the update link
edit... you're right, it hasn't been updated yet.
-
Keep us posted please.
-
I use GPG4USB, there hasn't been a new build in a while.
the release is dated 25/7, so if you go back and check, you'll see the update link
edit... you're right, it hasn't been updated yet.
So, here's how to update gpg4usb before the maintainers of it do: if you use Windows, download a fixed copy of gpg.exe -- you'll probably have to get it out of the GPG4Win package, or maybe just find somebody who was nice enough to compile the program using the fixed source code. Then just drop the gpg.exe file into the "bin" subdirectory of wherever you keep gpg4usb. So for example, if you keep gpg4usb on a USB key that's D: when you connect it, you want to replace this file:
D:\gpg4usb\bin\gpg.exe
... and there you go, gpg4usb will use the fixed gpg.exe you stuck in there. Should work just fine -- gpg4usb is actually just a front-end for GNU's gpg program :)
If you use Linux, you want to replace the "gpg" file (without a .exe on the end).