Electromagnetic Emanation Attack on Libgcrypt's Elliptic-Point Curve Multiplication

CVE-2015-7511 · LOW Severity

AV:L/AC:M/AU:N/C:P/I:N/A:N

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.

Learn more about our Physical Security Assessment.