Vulnerability Note VU#940388

GnuPG creates ElGamal keys for signing using insufficient entropy

Original Release date: 29 Dec 2003 | Last revised: 29 Dec 2003


Gnu Privacy Guard (GnuPG) is a cryptographic utility used to generate cryptographic keys and perform other cryptographic functions. A vulnerability in the way GnuPG generates ElGamal keys has been discovered. This vulnerability renders ElGamal signing key untrustworthy.


A vulnerability in the algorithm to generate ElGamal sign+encrypt keys can permit an attacker to generate valid signatures without access to the private key. This vulnerability does not affect encrypt-only (type 16) ElGamal keys, only the ElGamal sign+encrypt key (type 20) when used to make a signature with a GnuPG version 1.0.2 or later.


A remote attacker can generate a valid signature without access to the private key.


Revoke your ElGamal signing keys. GnuPG has released a patch for version 1.2.3 or you can upgrade to version 1.2.4 or later.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
GNU Privacy GuardAffected-29 Dec 2003
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



Thanks to Werner Koch for his advisory on this issue, and Phong Nguyen for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

  • CVE IDs: CAN-2003-0971
  • Date Public: 27 Nov 2003
  • Date First Published: 29 Dec 2003
  • Date Last Updated: 29 Dec 2003
  • Severity Metric: 6.33
  • Document Revision: 7


If you have feedback, comments, or additional information about this vulnerability, please send us email.