Here are #July4th #infosec fireworks🎆: researchers 🔬 crack 1024-bit RSA Libgcrypt crypto library 🔏. CVE-2017-7526 effects GnuPG, Debian, and Ubuntu. Patch Libgcrypt to version 1.7.8. 💾
@james I still don't feel comfortable calling this "cracking 1024-bit RSA", if it's just a side-channel attack on a certain implementation.
@lx The side channel attack extrapolates approximately 50% of the private key, the remaining bits are solved using a modified version of the branch and prune algorithm of Heninger and Shacham. 😎
It's an interesting way to break the crypto library. 🔦
@james It is, but most news platform are making it sound like someone broke 1024-bit RSA in general.