Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
GNU Privacy Guard
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Complete implementation of the OpenPGP and S/MIME standards}} {{distinguish|Pretty Good Privacy{{!}}Pretty Good Privacy (PGP)}} {{Infobox software | name = GNU Privacy Guard | title = | logo = Gnupg logo.svg | logo caption = | logo size = 250px | logo alt = The GNU Privacy Guard logo | screenshot = GPG keys generation.png | caption = Key pair generation process in [[Unix]] [[terminal emulator]] | screenshot size = | screenshot alt = | collapsible = | author = [[Werner Koch]] | developer = [[GNU Project]] | released = {{Start date and age|1999|09|07|df=yes}} | discontinued = | ver layout = stacked | latest release version = {{Multiple releases | branch1 = Stable | version1 = {{wikidata|property|preferred|reference|edit|Q223204|P348|P548=Q2804309}} | date1 = {{wikidata|qualifier|preferred|single|Q223204|P348|P548=Q2804309|P577}} | branch2 = LTS | version2 = {{wikidata|property|preferred|reference|edit|Q223204|P348|P548=Q15726348}} | date2 = {{wikidata|qualifier|preferred|single|Q223204|P348|P548=Q15726348|P577}} | branch3 = Legacy | version3 = {{wikidata|property|preferred|reference|edit|Q223204|P348|P548=Q6736813}} | date3 = {{wikidata|qualifier|preferred|single|Q223204|P348|P548=Q6736813|P577}} }} | latest preview version = {{wikidata|property|preferred|reference|edit|Q223204|P348|P548=Q51930650}} | latest preview date = {{wikidata|qualifier|preferred|single|Q223204|P348|P548=Q51930650|P577}} | programming language = [[C (programming language)|C]] | operating system = [[Microsoft Windows]], [[macOS]], [[RISC OS]], [[Android (operating system)|Android]], [[Linux]] | platform = | size = | repo = {{URL|https://dev.gnupg.org/source/gnupg/}} | language = | language count = <!-- Number only --> | language footnote = | genre = [[Pretty Good Privacy#OpenPGP|OpenPGP]] | license = 2007: [[GNU General Public License|GPL-3.0-or-later]]{{efn|GPL-3.0-or-later since 2007-07-04 for 2.x and 2007-10-23 for 1.x.}}<br />1997: [[GNU General Public License|GPL-2.0-or-later]]{{efn|GPL-2.0-or-later from 1997-11-18 until 2007-07-04 for 2.x and 2007-10-23 for 1.x.}} | alexa = | website = {{URL|https://gnupg.org/}} | standard = }} '''GNU Privacy Guard''' ('''GnuPG''' or '''GPG''') is a [[free-software]] replacement for [[Symantec Corporation|Symantec]]'s [[cryptography|cryptographic]] software suite [[Pretty Good Privacy|PGP]]. The software is compliant with the now obsoleted<ref>{{cite web |url= https://www.rfc-editor.org/rfc/rfc9580.html |title= RFC 9580 OpenPGP |date= July 2024 |publisher= IETF |access-date= 2024-12-19 |last1= Wouters |first1= Paul |last2= Huigens |first2= Daniel |last3= Winter |first3= Justus |last4= Yutaka |first4= Niibe }}</ref> {{IETF RFC|4880}}, the [[Internet Engineering Task Force|IETF]] standards-track specification of [[OpenPGP]]. Modern versions of PGP are [[Interoperability|interoperable]] with GnuPG and other OpenPGP v4-compliant systems.<ref>{{cite web |url= https://www.gnupg.org/faq/gnupg-faq.html#compatible |title= Gnu Privacy Guard |publisher= GnuPG.org |access-date= 2015-05-26 |archive-url= https://web.archive.org/web/20150429192132/https://www.gnupg.org/faq/gnupg-faq.html#compatible |archive-date= 2015-04-29 |url-status= live }}</ref> November 2023 saw two drafts aiming to update the 2007 OpenPGP v4 specification (RFC4880), ultimately resulting in the [https://datatracker.ietf.org/doc/rfc9580/ RFC 9580] standard in July 2024. The proposal from the GnuPG developers, which is called LibrePGP, was not taken up by the OpenPGP Working Group and future versions of GnuPG will not support the current version of OpenPGP. <ref>{{cite web |url= https://lwn.net/Articles/953797/ |title= A schism in the OpenPGP world |publisher= Linux Weekly News |access-date= 2023-12-09 }}</ref> GnuPG is part of the [[GNU Project]] and received major funding from the [[Politics of Germany|German government]] in 1999.<ref>{{cite web |url= http://www.heise.de/newsticker/meldung/Bundesregierung-foerdert-Open-Source-24110.html |title= Bundesregierung fördert Open Source |publisher= Heise Online |language= de |date= 1999-11-15 |access-date= July 24, 2013 |archive-url= https://web.archive.org/web/20131012024601/http://www.heise.de/newsticker/meldung/Bundesregierung-foerdert-Open-Source-24110.html |archive-date= October 12, 2013 |url-status= live }}</ref> == Overview == GnuPG is a [[Hybrid cryptosystem|hybrid-encryption]] software program because it uses a combination of conventional [[symmetric-key algorithm|symmetric-key cryptography]] for speed, and [[public-key cryptography]] for ease of secure key exchange, typically by using the recipient's public key to encrypt a [[session key]] which is used only once. This mode of operation is part of the OpenPGP standard and has been part of PGP from its first version. The GnuPG 1.x series uses an integrated cryptographic library, while the GnuPG 2.x series replaces this with [[Libgcrypt]]. GnuPG encrypts messages using [[public-key cryptography|asymmetric key pairs]] individually generated by GnuPG users. The resulting public keys may be exchanged with other users in a variety of ways, such as Internet [[key server (cryptographic)|key servers]]. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ "owner" identity correspondences. It is also possible to add a cryptographic [[digital signature]] to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted. GnuPG also supports [[Symmetric-key algorithm|symmetric encryption]] algorithms. By default, GnuPG uses the [[Advanced Encryption Standard|AES]] symmetrical algorithm since version 2.1,<ref name="2.1.0-beta864-announcement">{{cite web |url=https://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000357.html |title=<nowiki>[Announce] The maybe final Beta for GnuPG 2.1</nowiki> |access-date=2019-03-28 |archive-url=https://web.archive.org/web/20190502211129/https://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000357.html |archive-date=2019-05-02 |url-status=live }}</ref> [[CAST-128|CAST5]] was used in earlier versions. GnuPG does not use patented or otherwise restricted software or algorithms. Instead, GnuPG uses a variety of other, non-patented algorithms.<ref>{{cite web|url=https://www.gnupg.org/features.en.html|title=GnuPG Features|access-date=October 1, 2009|archive-url=https://web.archive.org/web/20091004174134/http://www.gnupg.org/features.en.html|archive-date=October 4, 2009|url-status=live}}</ref> For a long time, it did not support the [[International Data Encryption Algorithm|IDEA]] encryption algorithm used in PGP. It was in fact possible to use IDEA in GnuPG by downloading a plugin for it, however, this might require a license for some uses in countries in which IDEA was patented. Starting with versions 1.4.13 and 2.0.20, GnuPG supports IDEA because the last patent of IDEA expired in 2012. Support of IDEA is intended "to get rid of all the questions from folks either trying to decrypt old data or migrating keys from PGP to GnuPG",<ref>{{cite mailing list |last=Koch |first=Werner |title=GnuPG 1.4.13 released |publisher=gnupg-users |date=2012-12-21 |url=http://lists.gnupg.org/pipermail/gnupg-users/2012-December/045844.html |access-date=2013-05-19 |archive-url=https://web.archive.org/web/20130212065951/http://lists.gnupg.org/pipermail/gnupg-users/2012-December/045844.html |archive-date=2013-02-12 |url-status=live }}</ref> and hence is not recommended for regular use. More recent releases of GnuPG 2.x ("modern" and the now deprecated "stable" series) expose most cryptographic functions and algorithms [[Libgcrypt]] (its cryptography library) provides, including support for [[elliptic-curve cryptography]] (ECDH, ECDSA and EdDSA)<ref name="gnupg-2.1.0-announcement" /> in the "modern" series (i.e. since GnuPG 2.1). === Algorithms === As of 2.3 or 2.2 versions, GnuPG supports the following algorithms: ; [[Public-key cryptography|Public key]]: [[RSA (cryptosystem)|RSA]], [[ElGamal encryption|ElGamal]], [[Digital Signature Algorithm|DSA]], [[Elliptic-curve Diffie–Hellman|ECDH]] ([[Curve25519|cv25519]], [[Curve448|cv448]],{{efn|name=only2.3|only available in 2.3}} [[NIST Curve|nistp256, nistp384, nistp521]], [[ECC Brainpool|brainpoolP256r1, brainpoolP384r1, brainpoolP512r1]], secp256k1), [[Elliptic Curve Digital Signature Algorithm|ECDSA]] (nistp256, nistp384, nistp521, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, secp256k1), [[EdDSA]] (ed25519, ed448{{efn|name=only2.3}}) ; [[Symmetric-key algorithm|Cipher]]: [[Triple DES|3DES]], [[International Data Encryption Algorithm|IDEA]] (for backward compatibility), [[CAST-128|CAST5]], [[Blowfish (cipher)|Blowfish]], [[Twofish]], [[Advanced Encryption Standard|AES-128, AES-192, AES-256]], [[Camellia (cipher)|Camellia-128, -192 and -256]] ; [[Cryptographic hash function|Hash]]: [[MD5]], [[SHA-1]], [[RIPEMD|RIPEMD-160]], [[SHA-2|SHA-256, SHA-384, SHA-512, SHA-224]] ; [[Data compression|Compression]]: Uncompressed, [[ZIP (file format)|ZIP]], [[zlib|ZLIB]], [[bzip2|BZIP2]] == History == GnuPG was initially developed by [[Werner Koch]].<ref name="angwin-propublica">{{cite web | url = https://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke | date = 5 February 2015 | access-date = 6 February 2015 | first = Julia | last = Angwin | author-link=Julia Angwin | publisher = [[ProPublica]] | title = The World's Email Encryption Software Relies on One Guy, Who is Going Broke | archive-url = https://web.archive.org/web/20150206005618/http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke | archive-date = 6 February 2015 | url-status = live }}</ref><ref name="wayner-new-york-times">{{cite news | url = http://partners.nytimes.com/library/tech/99/11/cyber/articles/19encrypt.html | date = 19 November 1999 | access-date = 2014-08-08 | first = Peter | last = Wayner | newspaper = [[The New York Times]] | title = Germany Awards Grant for Encryption | archive-url = https://web.archive.org/web/20140825204940/http://partners.nytimes.com/library/tech/99/11/cyber/articles/19encrypt.html | archive-date = 25 August 2014 | url-status = live }}</ref> The first production version, version 1.0.0, was released on September 7, 1999, almost two years after the first GnuPG release (version 0.0.0).<ref name="gnupg-1.0.0-announcement">{{cite web |url=https://gnupg.org/download/release_notes.html#sec-2-41 |title=Release Notes |publisher=GnuPG |access-date=2014-01-30 |archive-url=https://web.archive.org/web/20140209040746/http://gnupg.org/download/release_notes.html#sec-2-41 |archive-date=2014-02-09 |url-status=live }}</ref><ref name="angwin-propublica" /> The [[Federal Ministry for Economic Affairs and Energy|German Federal Ministry of Economics and Technology]] funded the documentation and the port to [[Microsoft Windows]] in 2000.<ref name="wayner-new-york-times" /> GnuPG is a system compliant to the OpenPGP standard, thus the history of OpenPGP is of importance; it was designed to interoperate with [[Pretty Good Privacy|PGP]], an email encryption program initially designed and developed by [[Phil Zimmermann]].<ref>{{cite web |url=http://www.openpgp.org/members/gnupg.shtml |title=Gnu Privacy Guard |publisher=OpenPGP.org |access-date=2014-02-26 |url-status=dead |archive-url=https://web.archive.org/web/20140227185009/http://openpgp.org/members/gnupg.shtml |archive-date=2014-02-27 }}</ref><ref>{{cite web |url=https://philzimmermann.com/EN/findpgp/ |title=Where to Get PGP |publisher=Philzimmermann.com |access-date=2014-02-26 |archive-url=https://web.archive.org/web/20140226011248/http://philzimmermann.com/EN/findpgp/ |archive-date=2014-02-26 |url-status=live }}</ref> On February 7, 2014, a GnuPG [[crowdfunding]] effort closed, raising [[Euro|€]]36,732 for a new website and infrastructure improvements.<ref>{{cite web |url=http://goteo.org/project/gnupg-new-website-and-infrastructure/home |title=GnuPG: New web site and infrastructure |access-date=2014-03-09 |publisher=goteo.org |archive-url=https://web.archive.org/web/20140330103240/http://goteo.org/project/gnupg-new-website-and-infrastructure/home |archive-date=2014-03-30 |url-status=live }}</ref> === Branches === Since the release of a stable GnuPG 2.3, starting with version 2.3.3 in October 2021, three stable branches of GnuPG are actively maintained:<ref>{{cite web|url=https://lists.gnupg.org/pipermail/gnupg-announce/2021q4/000466.html|title=GnuPG 2.3.3 released}}</ref> * A "[[Software release life cycle#Stable release|stable]] branch", which currently is (as of 2025) the 2.4 branch.<ref>{{Cite web |title=The GNU Privacy Guard |url=https://gnupg.org/ |url-status=live |archive-url=https://web.archive.org/web/20250320024858/https://gnupg.org/ |archive-date=2025-03-20 |access-date=2025-03-21 |website=The GNU Privacy Guard}}</ref> * A "[[Long-term support|LTS (long-term support)]] branch", which currently is (as of 2021) the 2.2 branch (which was formerly called "modern branch", in comparison to the 2.0 branch). * The old "[[Legacy system#Perspectives on legacy code|legacy]] branch" (formerly called "classic branch"), which is and will stay the 1.4 branch. Before GnuPG 2.3, two stable branches of GnuPG were actively maintained: * "Modern" (2.2), with numerous new features, such as [[elliptic curve cryptography]], compared to the former "stable" (2.0) branch, which it replaced with the release of GnuPG 2.2.0 on August 28, 2017.<ref name="gnupg-2.2.0-announcement">{{Cite mailing list |url = https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000413.html |title = [Announce] GnuPG 2.2.0 released |date = 2017-08-28 |access-date = 2017-09-21 |mailing-list = gnupg-announce |last = Koch |first = Werner |author-link = Werner Koch |archive-url = https://web.archive.org/web/20170829040530/https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000413.html |archive-date = 2017-08-29 |url-status = live }}</ref> It was initially released on November 6, 2014.<ref name="gnupg-2.1.0-announcement">{{cite web |date=2014-11-06 |url=http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000358.html |title=<nowiki>[Announce] GnuPG 2.1.0 "modern" released</nowiki> |last=Koch |first=Werner |author-link=Werner Koch |publisher=gnupg.org |access-date=2014-11-06 |archive-url=https://web.archive.org/web/20141106154709/http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000358.html |archive-date=2014-11-06 |url-status=live }}</ref> * "Classic" (1.4), the very old, but still maintained stand-alone version, most suitable for outdated or embedded platforms. Initially released on December 16, 2004.<ref name="gnupg-1.4.0-announcement">{{cite web |date=2004-12-16 |url=http://lists.gnupg.org/pipermail/gnupg-announce/2004q4/000186.html |title=<nowiki>[Announce] GnuPG stable 1.4 released</nowiki> |last=Koch |first=Werner |author-link=Werner Koch |publisher=gnupg.org |access-date=2004-12-16 |archive-url=https://web.archive.org/web/20050103172907/http://lists.gnupg.org/pipermail/gnupg-announce/2004q4/000186.html |archive-date=2005-01-03 |url-status=live }}</ref> Different GnuPG 2.x versions (e.g. from the 2.2 and 2.0 branches) cannot be installed at the same time. However, it is possible to install a "classic" GnuPG version (i.e. from the 1.4 branch) along with any GnuPG 2.x version.<ref name="gnupg-2.1.0-announcement"/> Before the release of GnuPG 2.2 ("modern"), the now deprecated "stable" branch (2.0) was recommended for general use, initially released on November 13, 2006.<ref name="gnupg-2.0.0-announcement">{{cite web |date=2006-11-13 |url=http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000239.html |title=<nowiki>[Announce] GnuPG 2.0 released</nowiki> |last=Koch |first=Werner |author-link=Werner Koch |publisher=gnupg.org |access-date=2014-01-30 |archive-url=https://web.archive.org/web/20140214124626/http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000239.html |archive-date=2014-02-14 |url-status=live }}</ref> This branch reached its [[End-of-life (product)|end-of-life]] on December 31, 2017;<ref>{{Cite web|url=https://lists.gnupg.org/pipermail/gnupg-announce/2017q1/000401.html|title=<nowiki>[Announce] GnuPG 2.1.18 released</nowiki>|last=Koch|first=Werner|author-link=Werner Koch|date=2017-01-23|publisher=gnupg.org|language=en|access-date=2017-02-04|archive-url=https://web.archive.org/web/20170211080210/https://lists.gnupg.org/pipermail/gnupg-announce/2017q1/000401.html|archive-date=2017-02-11|url-status=live}}</ref> Its last version is 2.0.31, released on December 29, 2017.<ref name="gnupg-2.0.31-tagged">{{Cite web|url = https://dev.gnupg.org/rGe6dae418c260592c0860519481b5eb92d14329db|title = GnuPG 2.0.31|date = 2017-12-29|access-date = 2017-12-30}}</ref> Before the release of GnuPG 2.0, all stable releases originated from a single branch; i.e., before November 13, 2006, no multiple release branches were maintained in parallel. These former, sequentially succeeding (up to 1.4) release branches were: * 1.2 branch, initially released on September 22, 2002,<ref name="gnupg-1.2.0-announcement">{{cite web |date=2002-09-06 |url=http://lists.gnupg.org/pipermail/gnupg-announce/2002q3/000136.html |title=<nowiki>[Announce]GnuPG 1.2 released</nowiki> |last=Koch |first=Werner |author-link=Werner Koch |publisher=gnupg.org |access-date=2014-11-06 |archive-url=https://web.archive.org/web/20140617075459/http://lists.gnupg.org/pipermail/gnupg-announce/2002q3/000136.html |archive-date=2014-06-17 |url-status=live }}</ref> with 1.2.6 as the last version, released on October 26, 2004.<ref name="gnupg-1.2.6-announcement">{{cite web |date=2004-08-26 |url=http://lists.gnupg.org/pipermail/gnupg-announce/2004q3/000176.html |title=<nowiki>[Announce] GnuPG 1.2.6 released</nowiki> |last=Koch |first=Werner |author-link=Werner Koch |publisher=gnupg.org |access-date=2014-11-06 |archive-url=https://web.archive.org/web/20140617075605/http://lists.gnupg.org/pipermail/gnupg-announce/2004q3/000176.html |archive-date=2014-06-17 |url-status=live }}</ref> * 1.0 branch, initially released on September 7, 1999,<ref name="gnupg-1.0.0-announcement"/> with 1.0.7 as the last version, released on April 30, 2002.<ref name="gnupg-1.0.7-announcement">{{cite web |date=2002-04-30 |url=http://lists.gnupg.org/pipermail/gnupg-announce/2002q2/000135.html |title=<nowiki>[Announce] GnuPG 1.0.7 released</nowiki> |last=Koch |first=Werner |author-link=Werner Koch |publisher=gnupg.org |access-date=2014-11-06 |archive-url=https://web.archive.org/web/20140617075617/http://lists.gnupg.org/pipermail/gnupg-announce/2002q2/000135.html |archive-date=2014-06-17 |url-status=live }}</ref> (Note that before the release of GnuPG 2.3.0, branches with an odd minor release number (e.g. 2.1, 1.9, 1.3) were development branches leading to a stable release branch with a "+ 0.1" higher version number (e.g. 2.2, 2.0, 1.4); hence branches 2.2 and 2.1 both belong to the "modern" series, 2.0 and 1.9 both to the "stable" series, while the branches 1.4 and 1.3 both belong to the "classic" series. With the release of GnuPG 2.3.0, this nomenclature was altered to be composed of a "stable" and "LTS" branch from the "modern" series, plus 1.4 as the last maintained "classic" branch. Also note that even or odd minor release numbers do not indicate a stable or development release branch, anymore.) == Platforms == [[File:Zypper new repository package signing key screenshot.png|thumb|Example of usage of GnuPG: As [[software repository]] signing key for [[openSUSE]] (with [[ZYpp]])]] Although the basic GnuPG program has a [[command-line interface]], there exists various [[Front and back ends|front-ends]] that provide it with a [[graphical user interface]]. For example, GnuPG encryption support has been integrated into [[Kontact#E-Mail|KMail]] and [[GNOME Evolution|Evolution]], the graphical [[email client]]s found in [[KDE]] and [[GNOME]], the most popular [[Linux]] desktops. There are also graphical GnuPG front-ends, for example [[Seahorse (software)|Seahorse]] for GNOME and [[KGPG]] and [[Kleopatra (software)|Kleopatra]] for KDE. GPGTools provides a number of front-ends for OS integration of encryption and [[key management]] as well as GnuPG installations via [[Installer (macOS)|Installer]] [[Package manager|packages]]<ref name=":0">{{cite web|title=GPG Suite|url=https://gpgtools.org/|publisher=GPGTools|access-date=2017-12-24}}</ref> for [[macOS]]. GPG Suite<ref name=":0" /> installs all related OpenPGP applications (GPG Keychain), plugins ([[GPG Mail]]) and dependencies (MacGPG), along with GPG Services (integration into macOS Services menu) to use GnuPG based encryption. [[Instant messaging]] applications such as [[Psi (instant messaging client)|Psi]] and Fire can automatically secure messages when GnuPG is installed and configured. Web-based software such as [[Horde (software)|Horde]] also makes use of it. The cross-platform [[Add-on (Mozilla)|extension]] [[Enigmail]] provides GnuPG support for [[Mozilla Thunderbird]] and [[SeaMonkey]]. Similarly, Enigform provides GnuPG support for [[Firefox|Mozilla Firefox]]. FireGPG was discontinued June 7, 2010.<ref>{{cite web|url=http://blog.getfiregpg.org/2010/06/07/firegpg-discontinued/|title=FireGPG's developers blog|date=7 June 2010 |access-date=July 24, 2013|archive-url=https://web.archive.org/web/20130727112311/http://blog.getfiregpg.org/2010/06/07/firegpg-discontinued/|archive-date=July 27, 2013|url-status=live}}</ref> In 2005, g10 Code GmbH and Intevation GmbH released [[Gpg4win]], a software suite that includes GnuPG for Windows, GNU Privacy Assistant, and GnuPG plug-ins for [[File Explorer|Windows Explorer]] and [[Microsoft Outlook|Outlook]]. These tools are wrapped in a standard Windows installer, making it easier for GnuPG to be installed and used on Windows systems.<ref>{{Cite web|title=Gpg4win – About Gpg4win|url=https://www.gpg4win.org/about.html|access-date=2021-03-23|website=gpg4win.org}}</ref> == Vulnerabilities == The OpenPGP standard specifies several methods of [[digital signature|digitally signing]] messages. In 2003, due to an error in a change to GnuPG intended to make one of those methods more efficient, a security vulnerability was introduced.<ref>{{cite web|url=https://www.di.ens.fr/~pnguyen/pub_Ng04.htm|title=Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3.|last=Nguyen|first=Phong Q.|publisher=EUROCRYPT 2004: 555–570|access-date=2019-08-23|archive-url=https://web.archive.org/web/20171204133110/http://www.di.ens.fr/~pnguyen/pub_Ng04.htm|archive-date=2017-12-04|url-status=live}}</ref> It affected only one method of digitally signing messages, only for some releases of GnuPG (1.0.2 through 1.2.3), and there were fewer than 1000 such keys listed on the key servers.<ref>{{cite web|url=http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000160.html|title=GnuPG's ElGamal signing keys compromised|last=Koch|first=Werner|author-link=Werner Koch|date=November 27, 2003|access-date=May 14, 2004|archive-url=https://web.archive.org/web/20040318174334/http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000160.html|archive-date=March 18, 2004|url-status=live}}</ref> Most people did not use this method, and were in any case discouraged from doing so, so the damage caused (if any, since none has been publicly reported) would appear to have been minimal. Support for this method has been removed from GnuPG versions released after this discovery (1.2.4 and later). Two further vulnerabilities were discovered in early 2006; the first being that scripted uses of GnuPG for signature verification may result in [[False positives and false negatives|false positives]],<ref>{{cite web|url=http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html|title=False positive signature verification in GnuPG|last=Koch|first=Werner|author-link=Werner Koch|date=February 15, 2006|access-date=May 23, 2006|archive-url=https://web.archive.org/web/20060617192634/http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html|archive-date=June 17, 2006|url-status=live}}</ref> the second that non-MIME messages were vulnerable to the injection of data which while not covered by the digital signature, would be reported as being part of the signed message.<ref>{{cite web|url=http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000218.html|title=GnuPG does not detect injection of unsigned data|last=Koch|first=Werner|author-link=Werner Koch|date=March 9, 2006|access-date=May 23, 2006|archive-url=https://web.archive.org/web/20060505205727/http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000218.html|archive-date=May 5, 2006|url-status=live}}</ref> In both cases updated versions of GnuPG were made available at the time of the announcement. In June 2017, a vulnerability (CVE-2017-7526) was discovered within [[Libgcrypt]] by Bernstein, Breitner and others: a library used by GnuPG, which enabled a full key recovery for RSA-1024 and about more than 1/8th of RSA-2048 keys. This [[side-channel attack]] exploits the fact that [[Libgcrypt]] used a [[Exponentiation by squaring#Sliding window method|sliding windows method for exponentiation]] which leads to the leakage of exponent bits and to full key recovery.<ref>{{Cite web|url=https://lwn.net/Articles/727179/|title=Breaking Libgcrypt RSA via a side channel|last=Edge|first=Jake|date=5 July 2017|website=LWN.net|access-date=28 July 2017|archive-url=https://web.archive.org/web/20170728155905/https://lwn.net/Articles/727179/|archive-date=28 July 2017|url-status=live}}</ref><ref>{{cite web|url=https://eprint.iacr.org/2017/627.pdf|title=Sliding right into disaster: Left-to-right sliding windows leak|access-date=2017-06-30|archive-url=https://web.archive.org/web/20170630170347/https://eprint.iacr.org/2017/627.pdf|archive-date=2017-06-30|url-status=live}}</ref> Again, an updated version of GnuPG was made available at the time of the announcement. Around June 2018, the [[SigSpoof]] attacks were announced. These allowed an attacker to convincingly spoof digital signatures.<ref>{{Cite web |url=https://arstechnica.com/information-technology/2018/06/decades-old-pgp-bug-allowed-hackers-to-spoof-just-about-anyones-signature/ |title=Decades-old PGP bug allowed hackers to spoof just about anyone's signature |date=14 June 2018 |access-date=2018-09-07 |archive-url=https://web.archive.org/web/20180907110403/https://arstechnica.com/information-technology/2018/06/decades-old-pgp-bug-allowed-hackers-to-spoof-just-about-anyones-signature/ |archive-date=2018-09-07 |url-status=live }}</ref><ref>{{Cite web |url=https://www.theregister.co.uk/2018/06/19/gnupg_popped_again_in_pass/ |title=Pass gets a fail: Simple Password Store suffers GnuPG spoofing bug |website=[[The Register]] |access-date=2018-09-07 |archive-url=https://web.archive.org/web/20180630114100/https://www.theregister.co.uk/2018/06/19/gnupg_popped_again_in_pass/ |archive-date=2018-06-30 |url-status=live }}</ref> In January 2021, Libgcrypt 1.9.0 was released, which was found to contain a severe bug that was simple to exploit. A fix was released 10 days later in Libgcrypt 1.9.1.<ref>{{Cite web|url=https://www.theregister.com/2021/01/29/severe_libgcrypt_bug/|archive-url = https://web.archive.org/web/20210221012505/https://www.theregister.com/2021/01/29/severe_libgcrypt_bug/|archive-date = 2021-02-21|title = Severe bug in Libgcrypt – used by GPG and others – is a whole heap of trouble, prompts patch scramble}}</ref> == See also == {{Portal|Free and open-source software}} {{Div col|colwidth=30em}} * [[Acoustic cryptanalysis]] * [[Key signing party]] * [[Off-the-Record Messaging]] – also known as OTR * [[OpenPGP card]] – a smartcard with many GnuPG functions * [[Package manager]] * [[Retroshare]] – a friend-to-friend network based on PGP authentication * [[Web of trust]] {{div col end}} == Notes == {{notelist}} == References == {{Reflist|30em}} == External links == * {{Official website|https://gnupg.org/}} * [https://lists.gnupg.org/pipermail/gnupg-announce/2007q4/000268.html A Short History of the GNU Privacy Guard], written by Werner Koch, published on GnuPG's 10th birthday {{GNU}} {{Cryptographic software}} {{DEFAULTSORT:Gnu Privacy Guard}} [[Category:1999 software]] [[Category:Cross-platform software]] [[Category:Cryptographic software]] [[Category:Free security software]] [[Category:GNU Project software|Privacy Guard]] [[Category:Linux security software]] [[Category:OpenPGP]] [[Category:Privacy software]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)
Pages transcluded onto the current version of this page
(
help
)
:
Template:Cite mailing list
(
edit
)
Template:Cite news
(
edit
)
Template:Cite web
(
edit
)
Template:Cryptographic software
(
edit
)
Template:Distinguish
(
edit
)
Template:Div col
(
edit
)
Template:Div col end
(
edit
)
Template:Efn
(
edit
)
Template:GNU
(
edit
)
Template:IETF RFC
(
edit
)
Template:Infobox software
(
edit
)
Template:Notelist
(
edit
)
Template:Official website
(
edit
)
Template:Portal
(
edit
)
Template:Reflist
(
edit
)
Template:Short description
(
edit
)