GPG Patches 18-Year-Old Libgcrypt RNG Bug

New versions of Libgcrypt and Gnu Privacy Guard (GnuPG or GPG) released on Wednesday include security fixes for vulnerabilities discovered in the mixing functions of the Libgcrypt random number generator.

The flaws were privately disclosed by Felix Dörre and Vladimir Klebanov of Karlsruhe Institute of Technology in Germany, and according to an advisory from the GnuPG Project, the bug has been in all GnuPG and Libgcrypt versions since 1998.

“An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output,” said Werner Koch, who wrote GPG in 1997.

GPG is a free implementation of OpenPGP, and is used by applications to encrypt and digitally sign data and communication between parties. Libgcrypt is the crypto library used by GPG since version 2.x.

Koch wrote yesterday that all versions on all platforms are affected by the vulnerability.

“A first analysis on the impact of this bug in GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information,” Koch wrote in the advisory. “This needs more research and I would suggest not to overhasty revoke keys.”

A request for additional comment from Koch was not returned in time for publication.

Users are advised to either wait for a vendor patch, or for home-grown applications using GPG 2.0.x or 2.1.x, Libgcrypt should be updated. For earlier versions of GPG such as 1.4.x, users are urged to immediately update to GPG 1.4.21.

Koch’s financial struggles in keeping GPG afloat were in the news more than a year ago after a profile in Pro Publica. At the time, the project was running out of money after a fund-raising effort raised $43,000, well short of the $137,000 Koch was hoping for. Koch wanted the money to boost his own salary and hire a developer.

Shortly after the Pro Publica article went live, donations poured in to GPG to the tune of €120,000 from the Core Infrastructure Initiative and individual donors.

“As the main author of GnuPG, I like to thank everyone for supporting the project, be it small or large individual donations, helping users, providing corporate sponsorship, working on the software, and for all the encouraging words,” Koch said at the time.