Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c. On multi-user systems or on hosts running virtual machines, this attack may be used to steal private keys.
https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000414.html
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=bf76acbf0da6b0f245e491bec12c0f0a1b5be7c9
https://eprint.iacr.org/2017/806