A team of eight researchers from various universities has found a bug in the Libcrypto library that allows an attacker with local access to extract the RSA-1024 private key that was used to encrypt local data.
Their researcher paper was focused on GnuPG, an encryption software for Android, Linux, macOS, and Windows. More accurately, the researchers focused their work on Libgcrypt, GnuPG's module responsible for the actual GnuPG's encryption operations.
Researchers say they found that Libgcrypt used a method known as "sliding windows" to compute part of these mathematical equations behind data encryption. The problem, they say, was that "sliding windows" is a computation method known to leak data via side-channel attacks.
Previously, Libgcrypt and its unpatched "sliding window" method for dealing with part of the computational tasks was deemed acceptable because it leaked only part of the RSA private key. For example, implementations of Libgcrypt that used "4-bit left-to-right sliding windows" leaked only 40% of the private key, while "5-bit left-to-right sliding windows" leaked only 33% of the key.
Starting from this simple discovery that one of the attacks was never patched in Libgcrypt, researchers put together an algorithm that combines several previously known methods to recover the full RSA-1024 private key.
This allowed researchers to decrypt any data encrypted by that key, such as local files, emails, or backups.
The researchers reported their findings to the GnuPG team, who released Libgcrypt 1.7.8, a release that contains fixes to prevent exploitation via this new side-channel attack.
The GnuPG team, Libgcrypt's maintainers, also downplayed the bug's importance, but also warned about situations that users need to take into considerations.
Our readers can find out more details about the crypto attack in the research team's paper, entitled Sliding right into disaster: Left-to-right sliding windows leak. This is also not the first time that researchers borke RSA-1024.