James Wright ๐Ÿ”‘ @james

Here are fireworks๐ŸŽ†: researchers ๐Ÿ”ฌ crack 1024-bit RSA Libgcrypt crypto library ๐Ÿ”. CVE-2017-7526 effects GnuPG, Debian, and Ubuntu. Patch Libgcrypt to version 1.7.8. ๐Ÿ’พ

thehackernews.com/2017/07/gnup

mastodon.jamesmwright.com/medi mastodon.jamesmwright.com/medi

ยท Web ยท 1 ยท 2

@james I still don't feel comfortable calling this "cracking 1024-bit RSA", if it's just a side-channel attack on a certain implementation.

@lx The side channel attack extrapolates approximately 50% of the private key, the remaining bits are solved using a modified version of the branch and prune algorithm of Heninger and Shacham. ๐Ÿ˜Ž

It's an interesting way to break the crypto library. ๐Ÿ”ฆ

@james It is, but most news platform are making it sound like someone broke 1024-bit RSA in general.