oss-sec mailing list archives
Re: broken RSA keys
From: Hanno Böck <hanno () hboeck de>
Date: Thu, 5 May 2016 13:03:36 +0200
On Thu, 5 May 2016 13:34:05 +0300 Solar Designer <solar () openwall com> wrote:
On Wed, May 04, 2016 at 09:18:26PM -0400, Stanislav Datskovskiy wrote:older versions of GPG will regard the bottom 32 bits of a modulus as the 'fingerprint', rather than performing a hash.Are you sure?
https://tools.ietf.org/html/rfc4880 "V3 keys are deprecated. They contain three weaknesses. First, it is relatively easy to construct a V3 key that has the same Key ID as any other key because the Key ID is simply the low 64 bits of the public modulus." I had forgotten about that, but it probably also explains the two pre-2000 keys with small factors I found. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
_bin
Description: OpenPGP digital signature
Current thread:
- broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Alexander Cherepanov (May 04)
- Re: broken RSA keys Stanislav Datskovskiy (May 04)
- Re: broken RSA keys Solar Designer (May 05)
- Re: broken RSA keys Alexander Cherepanov (May 05)
- Re: broken RSA keys Stanislav Datskovskiy (May 05)
- Re: broken RSA keys Solar Designer (May 12)
- Re: broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Solar Designer (May 05)
- Re: broken RSA keys Hanno Böck (May 05)
- Re: broken RSA keys Solar Designer (May 05)
- Re: broken RSA keys Daniel Kahn Gillmor (May 07)
- Re: broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Simon McVittie (May 05)
- Re: broken RSA keys Stanislav Datskovskiy (May 05)
- Re: broken RSA keys Hanno Böck (May 05)
- Re: broken RSA keys Stanislav Datskovskiy (May 05)