Weikeng Chen

2 exploits Active since Feb 2018
CVE-2018-6594 WRITEUP HIGH WORKING POC
PyCrypto < 2.6.1 - Inadequate Encryption Strength in ElGamal Key Generation
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation.
CVSS 7.5
CVE-2018-6829 WRITEUP HIGH WORKING POC
Libgcrypt < 1.8.2 - Information Disclosure via ElGamal Ciphertext-Only Attack
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
CVSS 7.5