Security News > 2016 > August > 18-year-old random number generator flaw fixed in Libgcrypt, GnuPG (Help Net Security)

Researchers have discovered a “critical security problem” that affects all versions of the Libgcrypt cryptographic library and, therefore, all versions of the GnuPG (a.k.a. GPG) hybrid-encryption software. The researchers – Felix Dörre and Vladimir Klebanov of the Karlsruhe Institute of Technology, Germany – define the issue as a design flaw that exists in the mixing function of the Libgcrypt pseudorandom number generator (PRNG). “An attacker who obtains 4640 bits from the RNG can trivially predict … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/TTvh9mCiJ7M/