GMS-2016-16: AES-GCM nonce reuse vulnerability

March 20, 2016

The package encryptor encrypts all messages using the same key/nonce. This not only exposes the XOR of the plaintexts if you XOR together two ciphertexts, but it also leaks the AES-GCM authentication key, allowing an attacker to forge messages and potentially perform chosen ciphertext attacks, which could potentially enable full plaintext recovery.

References

github.com/attr-encrypted/encryptor/commit/b946c1806d620e452a8f88f94387a527c3da2715
github.com/attr-encrypted/encryptor/pull/22

Code Behaviors & Features

Detect and mitigate GMS-2016-16 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →