Story
Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed ExponentiationPreview
History
2015-03-20 21:01
From the paper (page 5):
Current Status. Following the practice of responsible disclosure, we worked with the authorsBut also:
of GnuPG to suggest several countermeasures and verify their effectiveness against our attacks
(see CVE-2014-3591 [MIT14]). GnuPG 1.4.19 and Libgcrypt 1.6.3, resilient to these attacks, were
released concurrently with the public announcement of the results presented in this paper.
GnuPG 2.1 (developed in parallel to GnuPG 1.x), as well as its underlyingNo word on a fix for that, but I see no reason why the patch to 1.x wouldn't be applied to 2.x ...
cryptographic library, libgcrypt (version 1.6.2), utilize very similar cryptographic codes and thus
may also be vulnerable to our attack.
2015-03-20 21:04
From the paper (page 5):But also:
Current Status. Following the practice of responsible disclosure, we worked with the authors
of GnuPG to suggest several countermeasures and verify their effectiveness against our attacks
(see CVE-2014-3591 [MIT14]). GnuPG 1.4.19 and Libgcrypt 1.6.3, resilient to these attacks, were
released concurrently with the public announcement of the results presented in this paper.
GnuPG 2.1 (developed in parallel to GnuPG 1.x), as well as its underlyingNo word on a fix for that, but I see no reason why the patch to 1.x wouldn't be applied to 2.x ...
cryptographic library, libgcrypt (version 1.6.2), utilize very similar cryptographic codes and thus
may also be vulnerable to our attack.
Junk Status
Not marked as junk