Date: Thu, 5 May 2016 13:03:36 +0200
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: Re: broken RSA keys

On Thu, 5 May 2016 13:34:05 +0300
Solar Designer <solar@...nwall.com> wrote:

> On Wed, May 04, 2016 at 09:18:26PM -0400, Stanislav Datskovskiy wrote:
> > older versions of GPG
> > will regard the bottom 32 bits of a modulus as the 'fingerprint',
> > rather than performing a hash.  
> 
> Are you sure? 

https://tools.ietf.org/html/rfc4880

"V3 keys are deprecated.  They contain three weaknesses.  First, it is
relatively easy to construct a V3 key that has the same Key ID as any
other key because the Key ID is simply the low 64 bits of the public
modulus."

I had forgotten about that, but it probably also explains the two
pre-2000 keys with small factors I found.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42
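
The RFC 4880 point quoted above, as an added example that is not part of the original message: a V3 Key ID is just the low 64 bits of the modulus, while a V4 Key ID is taken from a SHA-1 fingerprint over the whole public-key packet. The integers, creation time and the helper `shared_v3_ids` are constructed for illustration; they are not real keys.

```python
import hashlib
import struct
from collections import defaultdict

def mpi(n: int) -> bytes:
    """RFC 4880 sec. 3.2 MPI: two-octet bit count, then big-endian magnitude."""
    bits = n.bit_length()
    return struct.pack(">H", bits) + n.to_bytes((bits + 7) // 8, "big")

def v3_key_id(modulus: int) -> str:
    """V3 Key ID: simply the low 64 bits of the RSA public modulus."""
    return format(modulus & 0xFFFFFFFFFFFFFFFF, "016X")

def v4_key_id(modulus: int, exponent: int, created: int) -> str:
    """V4 Key ID: low 64 bits of SHA-1 over the framed public-key packet body."""
    body = (bytes([4]) + struct.pack(">I", created) + bytes([1])  # version, time, RSA
            + mpi(modulus) + mpi(exponent))
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()
    return digest[-8:].hex().upper()

def shared_v3_ids(moduli):
    """Return V3 Key IDs claimed by more than one distinct modulus."""
    seen = defaultdict(set)
    for n in moduli:
        seen[v3_key_id(n)].add(n)
    return sorted(kid for kid, ns in seen.items() if len(ns) > 1)

# Constructed sample integers, not real keys and not valid RSA moduli:
# A and B differ in the high bits and share the same low 64 bits.
LOW = 0x0123456789ABCDEF
MODULUS_A = (0xC3 << 1016) | (1 << 512) | LOW
MODULUS_B = (0xF1 << 1016) | (7 << 700) | LOW
MODULUS_C = (0xD5 << 1016) | 0x0FEDCBA987654321
CREATED = 946684800  # constructed creation time (2000-01-01 UTC)

if __name__ == "__main__":
    for name, n in (("A", MODULUS_A), ("B", MODULUS_B), ("C", MODULUS_C)):
        print(name, "v3:", v3_key_id(n), "v4:", v4_key_id(n, 65537, CREATED))
    print("shared V3 Key IDs:", shared_v3_ids([MODULUS_A, MODULUS_B, MODULUS_C]))
```

Running `shared_v3_ids` over the moduli of a keyring's V3 keys flags any Key ID that two different keys claim; the V4 IDs of the same moduli differ because every bit of the packet feeds the hash.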
