oss-sec mailing list archives
Re: broken RSA keys
From: Solar Designer <solar () openwall com>
Date: Thu, 5 May 2016 13:34:05 +0300
On Wed, May 04, 2016 at 09:18:26PM -0400, Stanislav Datskovskiy wrote:
older versions of GPG will regard the bottom 32 bits of a modulus as the 'fingerprint', rather than performing a hash.
Are you sure? Got an example? I think the fingerprint was always a hash, with key id being last 32+ bits from it. I think it is compatible with PGP 2.x's from 1990s. Did I possibly miss some very early versions of GPG where this was not true, transitioning from PGP 2.x to later GPG (which I did) and thus not noticing this aspect? (Just trying to see how your statement could possibly be correct and consistent with my experience using PGP/GPG.) Alexander
Current thread:
- broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Alexander Cherepanov (May 04)
- Re: broken RSA keys Stanislav Datskovskiy (May 04)
- Re: broken RSA keys Solar Designer (May 05)
- Re: broken RSA keys Alexander Cherepanov (May 05)
- Re: broken RSA keys Stanislav Datskovskiy (May 05)
- Re: broken RSA keys Solar Designer (May 12)
- Re: broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Solar Designer (May 05)
- Re: broken RSA keys Hanno Böck (May 05)
- Re: broken RSA keys Solar Designer (May 05)
- Re: broken RSA keys Daniel Kahn Gillmor (May 07)
- Re: broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Simon McVittie (May 05)
- Re: broken RSA keys Stanislav Datskovskiy (May 05)
- Re: broken RSA keys Hanno Böck (May 05)
- Re: broken RSA keys Stanislav Datskovskiy (May 05)