(Gentoo Issues Fix) GnuPG ElGamal Signature Flaw May Disclose Type 20 ElGamal Private Keys to Remote Users
|
|
SecurityTracker Alert ID: 1008461
|
|
CVE Reference: CAN-2003-0971
(Links to External Site)
|
Date: Dec 12 2003
|
Impact: Disclosure of authentication information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 1.0.2 and later versions
|
Description: A vulnerability was reported in GnuPG in the creation of ElGamal keys for digital signature. Keys used for signing can be compromised.
It is reported that Phong Nguyen discovered a flaw that allows a remote user to determine your private key within a few seconds.
In
version 1.0.2 (January 2000), the flaw was introduced when the GnuPG code was modified to improve the efficiency of encryption using
ElGamal keys. A common factor was used for encrypting and signing. As a result, a remtote user with access to a target user's
signature can conduct a cryptographic attack to determine the target user's private key. This flaw reportedly affects only ElGamal
sign+encrypt keys (type 20) in GnuPG version 1.0.2 and later.
The vendor reports that ElGamal encrypt-only keys (type 16) are
not affected. Also, the DSA keys and RSA keys are not vulnerable, according to the report.
|
Impact: A remote user can determine the ElGamal private key.
|
Solution: Gentoo has released a fix and recommends that all users who have created ElGamal signing keys revoke them immediately. The vendor
also recommends that all Gentoo Linux users with gnupg installed update to gnupg-1.2.3-r5 or higher:
emerge sync
emerge -pv '>=app-crypt/gnupg-1.2.3-r5'
emerge '>=app-crypt/gnupg-1.2.3-r5'
emerge clean
|
Vendor URL: www.gnupg.org/ (Links to External Site)
|
Cause: State error
|
Underlying OS: Linux (Gentoo)
|
Reported By: Rajiv Aaron Manglani <rajiv@gentoo.org>
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Fri, 12 Dec 2003 03:10:13 -0500
From: Rajiv Aaron Manglani <rajiv@gentoo.org>
Subject: [gentoo-announce] GLSA: gnupg (200312-05)
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200312-05
- --------------------------------------------------------------------------
GLSA: 200312-05
Package: app-crypt/gnupg
Summary: GnuPG ElGamal signing keys compromised and
format string vulnerability
Severity: minimal
Gentoo bug: 34504, 35639
Date: 2003-12-12
CVE: CAN-2003-0971, CAN-2003-0978
Exploit: unknown
Affected: <=1.2.3-r4
Fixed: >=1.2.3-r5
DESCRIPTION:
Two flaws have been found in GnuPG 1.2.3.
First, ElGamal signing keys can be compromised. These keys are not
commonly used. Quote from
<http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html>:
"Phong Nguyen identified a severe bug in the way GnuPG creates and
uses ElGamal keys for signing. This is a significant security
failure which can lead to a compromise of almost all ElGamal keys
used for signing. Note that this is a real world vulnerability
which will reveal your private key within a few seconds."
Second, there is a format string flaw in the 'gpgkeys_hkp' utility
which "would allow a malicious keyserver in the worst case to execute
an arbitrary code on the user's machine." See
<http://www.s-quadra.com/advisories/Adv-20031203.txt> for
details.
SOLUTION:
All users who have created ElGamal signing keys should immediately
revoke them. Then, all Gentoo Linux machines with gnupg installed
should be updated to use gnupg-1.2.3-r5 or higher.
emerge sync
emerge -pv '>=app-crypt/gnupg-1.2.3-r5'
emerge '>=app-crypt/gnupg-1.2.3-r5'
emerge clean
// end
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)
iD8DBQE/2XUCnt0v0zAqOHYRAlrEAJwNpCuOGrcBcjKnC/c/F3AOxsTX3gCfU9ah
0gaONEybmmq0x4/vJheoXwg=
=F5DR
-----END PGP SIGNATURE-----
|
|
