Bugtraq mailing list archives
PGP Signatures security BUG!
From: pope () NETGUIDE DK (Povl H. Pedersen)
Date: Tue, 7 Mar 2000 15:29:00 +0100
This message has NOT been sent to Network Associates, as I could not easily find a free way to report bugs. Most links are for paying customers only. BACKGROUND A friend of mine just received a mail from a colleague in the UK by the name John Smith (name invented), which was PGP signed. So of course my friend tried to verify the signature. This was the first time he verified it. The signature has Key ID: 0x6F620B65 So he had to look up the key using the keyservers, and surprisingly enough, the server did NOT return the name of the sender, but of a person called "Mike Evans". I then did a lookup on John Smith's e-mail, and I only got the signature of Mike Evans back. I did not get 2 adresses, or any other indication that told me something styrange is going on. Adding Mike Evans' public key to the keyring still results in the signature verification being OK, but the username is listed as unknown. THE PROBLEM The problem is, that the PGP servers expects all key IDs to be unique numbers, and does not expect 2 users to have the same keyID. And with the current amount of users, we are starting to get multiple users with the same keyID. EXPLOIT It is possible to generate false signatures, and John Smith can send new e-mails in the name of Mike Evans to users who does not have Mike Evans' key in their keyring, and when they do a lookup, they will find Mike Evans' key. It will take a long time to generate a new key with a specific fingerprint, but nonetheless, this 'overwriting' and hiding of other users IDs in the public PGP servers is bad. -- --- Povl H. Pedersen - Chief Technology Officer - NetGuide Scandinavia as Phone: +45 8618 1845 Cellular: +45 4093 5511 Fax: +45 8618 1863 e-mail: mailto:pope () netguide dk - PGP Key ID: 0x8F4BC755
Current thread:
- PGP Signatures security BUG! Povl H. Pedersen (Mar 07)
- Re: PGP Signatures security BUG! Tobias Haustein (Mar 08)
- Re: PGP Signatures security BUG! Werner Koch (Mar 08)
- RealServer exposes internal IP addresses tschweikle () FIDUCIA DE (Mar 08)
- Re: PGP Signatures security BUG! Eric Murray (Mar 08)
- [ Hackerslab bug_paper ] Linux printtool get printer password Sheshep ankh Dubhe (Mar 08)
- Re: [ Hackerslab bug_paper ] Linux printtool get printer password Tuomas Jormola (Mar 09)
- RealPlayer and Comet Cursor Keela Robison (Mar 09)
- Fwd: ircii-4.4 buffer overflow bladi (Feb 07)
- Re: Fwd: ircii-4.4 buffer overflow Derek Callaway (Mar 11)
- Re: RealPlayer and Comet Cursor pedward () WEBCOM COM (Mar 09)