oss-sec mailing list archives
GnuPG 1.4.16 fixes RSA key extraction via acoustic side channel (CVE-2013-4576)
From: Solar Designer <solar () openwall com>
Date: Wed, 18 Dec 2013 20:14:58 +0400
Hi, GnuPG 1.4.16 was released today with a curious security fix: http://lists.gnupg.org/pipermail/gnupg-devel/2013-December/028102.html * Fixed the RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack as described by Genkin, Shamir, and Tromer. See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576] Direct link to paper (8 MB; the website feels very slow at the moment): http://www.cs.tau.ac.il/~tromer/papers/acoustic-20131218.pdf Copy on SlideShare: http://www.slideshare.net/daniel_bilar/acoustic-20131218 Alexander
Current thread:
- GnuPG 1.4.16 fixes RSA key extraction via acoustic side channel (CVE-2013-4576) Solar Designer (Dec 18)