Date: Thu, 5 May 2016 13:03:36 +0200
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: Re: broken RSA keys

On Thu, 5 May 2016 13:34:05 +0300
Solar Designer <solar@...nwall.com> wrote:

> On Wed, May 04, 2016 at 09:18:26PM -0400, Stanislav Datskovskiy wrote:
> > older versions of GPG
> > will regard the bottom 32 bits of a modulus as the 'fingerprint',
> > rather than performing a hash.
>
> Are you sure?

https://tools.ietf.org/html/rfc4880

"V3 keys are deprecated. They contain three weaknesses. First, it is
relatively easy to construct a V3 key that has the same Key ID as any
other key because the Key ID is simply the low 64 bits of the public
modulus."

I had forgotten about that, but it probably also explains the two
pre-2000 keys with small factors I found.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42
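
Added example, not part of the original message: a Python sketch of the two Key ID derivations in RFC 4880 section 12.2, with a keyring check that reports Key IDs shared by more than one modulus. The moduli, timestamp and helper names are constructed for illustration; the integers are not real RSA keys.

```python
import hashlib
from collections import defaultdict

def mpi(n):
    """RFC 4880 MPI: 2-octet bit count, then the big-endian magnitude."""
    return n.bit_length().to_bytes(2, "big") + n.to_bytes((n.bit_length() + 7) // 8, "big")

def v3_key_id(n):
    """V3: the Key ID is the low 64 bits of the RSA modulus; no hash is involved."""
    return f"{n & 0xFFFFFFFFFFFFFFFF:016X}"

def v4_fingerprint(n, e, created):
    """V4: SHA-1 over 0x99, a 2-octet length, and the public-key packet body."""
    body = bytes([4]) + created.to_bytes(4, "big") + bytes([1]) + mpi(n) + mpi(e)
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).digest()

def v4_key_id(n, e, created):
    """V4: the Key ID is the low 64 bits of the fingerprint."""
    return v4_fingerprint(n, e, created)[-8:].hex().upper()

def ambiguous_key_ids(keys):
    """keys: iterable of (version, n, e, created) tuples.
    Returns the Key IDs that map to more than one distinct modulus."""
    seen = defaultdict(set)
    for version, n, e, created in keys:
        if version == 3:
            kid = v3_key_id(n)
        elif version == 4:
            kid = v4_key_id(n, e, created)
        else:
            raise ValueError(f"unsupported key version {version}")
        seen[kid].add(n)
    return sorted(kid for kid, moduli in seen.items() if len(moduli) > 1)

# Constructed sample values: two different 1024-bit integers with equal low 64 bits.
LOW = 0x0123456789ABCDEF
N_A = (1 << 1023) | (0xA5 << 512) | LOW
N_B = (1 << 1023) | (0x5A << 512) | LOW
E = 65537
CREATED = 946684800  # constructed creation timestamp

if __name__ == "__main__":
    print("v3:", v3_key_id(N_A), v3_key_id(N_B))
    print("v4:", v4_key_id(N_A, E, CREATED), v4_key_id(N_B, E, CREATED))
    print("ambiguous as v3:", ambiguous_key_ids([(3, N_A, E, CREATED), (3, N_B, E, CREATED)]))
```

Even with V4 keys a 64-bit Key ID is only a lookup hint; compare the full fingerprint when deciding whether two keys are the same.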