oss-sec mailing list archives

Re: broken RSA keys

From: Hanno Böck <hanno () hboeck de>
Date: Thu, 5 May 2016 13:03:36 +0200

On Thu, 5 May 2016 13:34:05 +0300
Solar Designer <solar () openwall com> wrote:

On Wed, May 04, 2016 at 09:18:26PM -0400, Stanislav Datskovskiy wrote:

older versions of GPG
will regard the bottom 32 bits of a modulus as the 'fingerprint',
rather than performing a hash.


Are you sure?


https://tools.ietf.org/html/rfc4880

"V3 keys are deprecated.  They contain three weaknesses.  First, it is
relatively easy to construct a V3 key that has the same Key ID as any
other key because the Key ID is simply the low 64 bits of the public
modulus."

I had forgotten about that, but it probably also explains the two
pre-2000 keys with small factors I found.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42

Attachment: _bin
Description: OpenPGP digital signature

Current thread:

broken RSA keys Solar Designer (May 04)
- Re: broken RSA keys Solar Designer (May 04)
  - Re: broken RSA keys Solar Designer (May 04)
    - Re: broken RSA keys Alexander Cherepanov (May 04)
  - Re: broken RSA keys Stanislav Datskovskiy (May 04)
    - Re: broken RSA keys Solar Designer (May 05)
    - Re: broken RSA keys Alexander Cherepanov (May 05)
    - Re: broken RSA keys Stanislav Datskovskiy (May 05)
    - Re: broken RSA keys Solar Designer (May 12)
    - Re: broken RSA keys Solar Designer (May 05)
    - Re: broken RSA keys Hanno Böck (May 05)
    - Re: broken RSA keys Solar Designer (May 05)
    - Re: broken RSA keys Daniel Kahn Gillmor (May 07)
    - Re: broken RSA keys Simon McVittie (May 05)
- Re: broken RSA keys Alexander Cherepanov (May 04)
- Re: broken RSA keys Alexander Cherepanov (May 04)
- Re: broken RSA keys Hanno Böck (May 05)
  - Re: broken RSA keys Stanislav Datskovskiy (May 05)
    - Re: broken RSA keys Hanno Böck (May 05)
    - Re: broken RSA keys Stanislav Datskovskiy (May 05)
  - Re: broken RSA keys Alexander Cherepanov (May 05)

(Thread continues...)