== Insecure CHIASMUS encryption in GSTOOL ==

GSTOOL versions 3.0 to 4.7 (inclusive) contain an insecure encryption feature using the non-public CHIASMUS block cipher. Due to the use of an insecure PRNG for key generation, files encrypted using the encryption feature of this tool can be decrypted without knowledge of the key within seconds to minutes.

The affected versions of GSTOOL were developed by Steria Mummert Consulting for the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) and released by the BSI.

We reported the issue to the BSI in November 2011. The BSI issued an advisory warning users to stop using the encryption feature in the same month. A patch disabling the vulnerable encryption feature was released in June 2013. We later learned that the issue was independently discovered by Felix Schuster in 2009.

For full details including further issues found, please see the German advisory, available at http://janschejbal.wordpress.com/2013/09/11/advisory-unsichere-verschluesselung-bei-gstool/.

Since this is an implementation issue, the CHIASMUS block cipher itself and other products (e.g. Chiasmus for Windows) using the CHIASMUS block cipher are NOT affected.

Kind regards,
Jan Schejbal