oss-sec mailing list archives

Re: broken RSA keys

From: Solar Designer <solar () openwall com>
Date: Thu, 5 May 2016 13:34:05 +0300

On Wed, May 04, 2016 at 09:18:26PM -0400, Stanislav Datskovskiy wrote:

older versions of GPG
will regard the bottom 32 bits of a modulus as the 'fingerprint',
rather than performing a hash.


Are you sure?  Got an example?

I think the fingerprint was always a hash, with key id being last 32+
bits from it.  I think it is compatible with PGP 2.x's from 1990s.

Did I possibly miss some very early versions of GPG where this was not
true, transitioning from PGP 2.x to later GPG (which I did) and thus not
noticing this aspect?  (Just trying to see how your statement could
possibly be correct and consistent with my experience using PGP/GPG.)

Alexander

Current thread:

broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Solar Designer (May 04)
  - Re: broken RSA keys Solar Designer (May 04)
    - Re: broken RSA keys Alexander Cherepanov (May 04)
  - Re: broken RSA keys Stanislav Datskovskiy (May 04)
    - Re: broken RSA keys Solar Designer (May 05)
    - Re: broken RSA keys Alexander Cherepanov (May 05)
    - Re: broken RSA keys Stanislav Datskovskiy (May 05)
    - Re: broken RSA keys Solar Designer (May 12)
    - Re: broken RSA keys Solar Designer (May 05)
    - Re: broken RSA keys Hanno Böck (May 05)
    - Re: broken RSA keys Solar Designer (May 05)
    - Re: broken RSA keys Daniel Kahn Gillmor (May 07)
    - Re: broken RSA keys Simon McVittie (May 05)
- Re: broken RSA keys Alexander Cherepanov (May 04)
- Re: broken RSA keys Alexander Cherepanov (May 04)
- Re: broken RSA keys Hanno Böck (May 05)
  - Re: broken RSA keys Stanislav Datskovskiy (May 05)
    - Re: broken RSA keys Hanno Böck (May 05)
    - Re: broken RSA keys Stanislav Datskovskiy (May 05)

(Thread continues...)