Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Security)  >   GnuPG (Gnu Privacy Guard) Vendors:
(Gentoo Issues Fix) GnuPG ElGamal Signature Flaw May Disclose Type 20 ElGamal Private Keys to Remote Users
SecurityTracker Alert ID:  1008461
SecurityTracker URL:
CVE Reference:   CVE-2003-0971   (Links to External Site)
Date:  Dec 12 2003
Impact:   Disclosure of authentication information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.0.2 and later versions
Description:   A vulnerability was reported in GnuPG in the creation of ElGamal keys for digital signature. Keys used for signing can be compromised.

It is reported that Phong Nguyen discovered a flaw that allows a remote user to determine your private key within a few seconds.

In version 1.0.2 (January 2000), the flaw was introduced when the GnuPG code was modified to improve the efficiency of encryption using ElGamal keys. A common factor was used for encrypting and signing. As a result, a remtote user with access to a target user's signature can conduct a cryptographic attack to determine the target user's private key. This flaw reportedly affects only ElGamal sign+encrypt keys (type 20) in GnuPG version 1.0.2 and later.

The vendor reports that ElGamal encrypt-only keys (type 16) are not affected. Also, the DSA keys and RSA keys are not vulnerable, according to the report.

Impact:   A remote user can determine the ElGamal private key.
Solution:   Gentoo has released a fix and recommends that all users who have created ElGamal signing keys revoke them immediately. The vendor also recommends that all Gentoo Linux users with gnupg installed update to gnupg-1.2.3-r5 or higher:

emerge sync
emerge -pv '>=app-crypt/gnupg-1.2.3-r5'
emerge '>=app-crypt/gnupg-1.2.3-r5'
emerge clean

Vendor URL: (Links to External Site)
Cause:   State error
Underlying OS:  Linux (Gentoo)

Message History:   This archive entry is a follow-up to the message listed below.
Nov 27 2003 GnuPG ElGamal Signature Flaw May Disclose Type 20 ElGamal Private Keys to Remote Users

 Source Message Contents

Subject:  [gentoo-announce] GLSA: gnupg (200312-05)

Hash: SHA1

- --------------------------------------------------------------------------
- --------------------------------------------------------------------------

GLSA:        200312-05
Package:     app-crypt/gnupg
Summary:     GnuPG ElGamal signing keys compromised and
                format string vulnerability
Severity:    minimal
Gentoo bug:  34504, 35639
Date:        2003-12-12
CVE:         CAN-2003-0971, CAN-2003-0978
Exploit:     unknown
Affected:    <=1.2.3-r4
Fixed:       >=1.2.3-r5


Two flaws have been found in GnuPG 1.2.3.

First, ElGamal signing keys can be compromised. These keys are not
commonly used. Quote from

   "Phong Nguyen identified a severe bug in the way GnuPG creates and
   uses ElGamal keys for signing. This is a significant security
   failure which can lead to a compromise of almost all ElGamal keys
   used for signing. Note that this is a real world vulnerability
   which will reveal your private key within a few seconds."

Second, there is a format string flaw in the 'gpgkeys_hkp' utility
which "would allow a malicious keyserver in the worst case to execute
an arbitrary code on the user's machine." See
<> for


All users who have created ElGamal signing keys should immediately
revoke them. Then, all Gentoo Linux machines with gnupg installed
should be updated to use gnupg-1.2.3-r5 or higher.

        emerge sync
        emerge -pv '>=app-crypt/gnupg-1.2.3-r5'
        emerge '>=app-crypt/gnupg-1.2.3-r5'
        emerge clean

// end

Version: GnuPG v1.2.3 (Darwin)



Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC