FreeBSD : gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack (2e5715f8-67f7-11e3-9811-b499baab0cbe)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Werner Koch reports :

CVE-2013-4576 has been assigned to this security bug.

The paper describes two attacks. The first attack allows to
distinguish keys: An attacker is able to notice which key is currently
used for decryption. This is in general not a problem but may be used
to reveal the information that a message, encrypted to a commonly not
used key, has been received by the targeted machine. We do not have a
software solution to mitigate this attack.

The second attack is more serious. It is an adaptive chosen ciphertext
attack to reveal the private key. A possible scenario is that the
attacker places a sensor (for example a standard smartphone) in the
vicinity of the targeted machine. That machine is assumed to do
unattended RSA decryption of received mails, for example by using a
mail client which speeds up browsing by opportunistically decrypting
mails expected to be read soon. While listening to the acoustic
emanations of the targeted machine, the smartphone will send new
encrypted messages to that machine and re-construct the private key
bit by bit. A 4096 bit RSA key used on a laptop can be revealed within
an hour.

See also :

http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000337.html
http://www.nessus.org/u?152e0098

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 71529 ()

Bugtraq ID:

CVE ID: CVE-2013-4576

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now