So, according to this paper, "GnuPG in its current form is not safe for a multi-user system or for any
system that may run untrusted code."<p>The attack is against the RSA implementation specifically. Is there a gpg asymmetric encryption that <i>would</i> be considered safe? If not, is there a reasonable gpg alternative?
So, practical question<p>I am on Ubuntu LTS 12.04 with GnuPG 1.4.11 (Linux version 3.2.0-32-virtual (buildd@batsu) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5)).<p>Q1. Do I need to fix this potential attack?<p>Q2. Assuming this fix is not backported [now] - if I compile fresh gpg and swap the binary with the old gpg - will this fix it?
The key part is the first line in the abstract<p>"Flush+Reload is a cache side-channel attack that monitors access to data in shared pages"<p>The OS does not allow arbitrary programs to share pages with gpg. If you share pages with gpg you can already read the key directly, no need for any side channels.<p>As far as I can tell the paper is completely pointless, a variant of this fallacy <a href="http://blogs.msdn.com/b/oldnewthing/archive/2009/01/21/9353310.aspx" rel="nofollow">http://blogs.msdn.com/b/oldnewthing/archive/2009/01/21/93533...</a>
Can someone knowledgeable about security tell me if there is anything about their claim (98% in one round) that is exaggerated or "best edge case only"?<p>I wonder how these attacks would fare against NaCl[1] or Sodium[2], which were designed to be secure against side-channel attacks.<p>[1]: <a href="http://nacl.cr.yp.to" rel="nofollow">http://nacl.cr.yp.to</a><p>[2]: <a href="http://labs.umbrella.com/2013/03/06/announcing-sodium-a-new-cryptographic-library" rel="nofollow">http://labs.umbrella.com/2013/03/06/announcing-sodium-a-new-...</a>
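The two questions above (whether any asymmetric implementation can be considered safe, and what "designed to be secure against side-channel attacks" means in practice) come down to one structural property: the sequence of operations the code performs must not depend on the secret. The following is an added illustration, not code from the thread, from GnuPG or from NaCl/Sodium. It shows a textbook square-and-multiply modular exponentiation whose multiply step runs only for 1 bits of the exponent, next to a Montgomery ladder that performs the same operations every iteration and selects operands with a masked swap instead of a branch. A small operation-trace hook stands in for whatever an observer could see; it is a simulation, not a cache probe. Python big-integer arithmetic is itself not constant-time, so this demonstrates the control-flow property only, not a production guarantee.

```python
"""Added example: secret-dependent vs. branch-free modular exponentiation.

The `trace` list models "which operation ran when"; it is a constructed
stand-in for side-channel observations, not real measurement code.
"""


def naive_modexp(base, exp, mod, trace=None):
    """Left-to-right square-and-multiply (the textbook algorithm).

    The multiply runs only when the current exponent bit is 1, so the
    operation sequence mirrors the exponent bit for bit. For RSA the
    exponent is the private key, which is exactly what must not leak.
    """
    result = 1
    base %= mod
    for i in range(exp.bit_length() - 1, -1, -1):
        result = result * result % mod
        if trace is not None:
            trace.append("S")
        if (exp >> i) & 1:  # secret-dependent branch: the leak
            result = result * base % mod
            if trace is not None:
                trace.append("M")
    return result


def cswap(swap, a, b):
    """Swap (a, b) when swap == 1 without branching on `swap`.

    mask is 0 or -1; in Python's two's-complement semantics -1 is all ones,
    so (a ^ b) & mask is either 0 or a ^ b, and XORing it into both values
    either leaves them alone or exchanges them.
    """
    mask = -swap
    t = (a ^ b) & mask
    return a ^ t, b ^ t


def ladder_modexp(base, exp, mod, trace=None):
    """Montgomery ladder: one multiply and one square per bit, always.

    Invariant: r1 == r0 * base (mod mod). Which register is squared is
    chosen by cswap, so the operation sequence is identical for every
    exponent of the same length.
    """
    r0, r1 = 1, base % mod
    for i in range(exp.bit_length() - 1, -1, -1):
        bit = (exp >> i) & 1
        r0, r1 = cswap(bit, r0, r1)
        r1 = r0 * r1 % mod
        r0 = r0 * r0 % mod
        r0, r1 = cswap(bit, r0, r1)
        if trace is not None:
            trace.append("M")
            trace.append("S")
    return r0


def operation_trace(fn, base, exp, mod):
    """Run fn and return its operation sequence as a string such as 'SMSS'."""
    trace = []
    fn(base, exp, mod, trace)
    return "".join(trace)


def exponent_from_trace(trace):
    """Read an exponent back out of a square-and-multiply trace.

    Each 'S' is one bit; an 'S' immediately followed by 'M' is a 1 bit.
    This is why the naive routine is a risk: the trace *is* the key.
    """
    exp = 0
    i = 0
    while i < len(trace):
        if trace[i] != "S":
            raise ValueError("trace does not follow square-and-multiply form")
        if i + 1 < len(trace) and trace[i + 1] == "M":
            exp = (exp << 1) | 1
            i += 2
        else:
            exp = exp << 1
            i += 1
    return exp


if __name__ == "__main__":
    # Constructed demo values (not from the paper or from any real key).
    b, e1, e2, m = 4, 13, 9, 497
    print("naive  ", e1, operation_trace(naive_modexp, b, e1, m))
    print("naive  ", e2, operation_trace(naive_modexp, b, e2, m))
    print("ladder ", e1, operation_trace(ladder_modexp, b, e1, m))
    print("ladder ", e2, operation_trace(ladder_modexp, b, e2, m))
    print("recovered from naive trace:",
          exponent_from_trace(operation_trace(naive_modexp, b, e1, m)))
```

Running the demo shows the naive traces for 13 and 9 differ and can be decoded back into the exponent, while the ladder traces for any two exponents of equal length are identical. That equality is the property a side-channel-resistant library aims for at every layer: no branch, no loop bound and no memory index may depend on key material. Note the caveat that holds for this file and for any high-level implementation: removing branches is necessary but not sufficient, since the underlying multiplication must also take secret-independent time and touch secret-independent addresses.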