Forging key signatures with collisions

Georgi Guninski guninski at guninski.com
Fri Jun 22 16:16:48 CEST 2012


This is getting stranger...

The primary colliding key appears unusable if it is imported second.
But if I create a subkey in it (using tricks) the subkey appears signed by
the wrong user. Have the private key for it, but can't make signatures yet
(maybe gpg needs more patching). If I can make a signature with the subkey
it might be reported by the wrong user (probably with the correct keyid):

$gpg --import < /tmp/fake4
$gpg --check-sigs --keyid-f long

pub   2047R/251BEFF479164387 2012-06-22
uid                          fake   4 <f at f4>
sig!3        251BEFF479164387 2012-06-22  Ubuntu Archive Automatic Signing Key <ftpmaster at ubuntu.com>
sub   2047R/251BEFF479164387 2012-06-22
sig!         251BEFF479164387 2012-06-22  Ubuntu Archive Automatic Signing Key <ftpmaster at ubuntu.com>
sub   2048R/99270C331D426C85 2012-06-22
sig!         251BEFF479164387 2012-06-22  Ubuntu Archive Automatic Signing Key <ftpmaster at ubuntu.com> # 99... doesn't collide with anything to my knowledge and the secret key is available.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fake4
Type: application/octet-stream
Size: 1679 bytes
Desc: not available
URL: </pipermail/attachments/20120622/0899b330/attachment.obj>
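
An added example, not part of the original post or of GnuPG: a Python check that scans a `--check-sigs` listing in the format shown above and flags the two anomalies visible in it, a subkey that reuses the primary's 64-bit key ID and a signature issued under the primary's key ID but displayed with a user ID the key does not carry. The function name and finding labels are hypothetical; the sample listing is copied from the post with the author's trailing annotation dropped.

```python
import re

# Listing copied from the post above (author's trailing "# 99..." note dropped).
LISTING = """\
pub   2047R/251BEFF479164387 2012-06-22
uid                          fake   4 <f at f4>
sig!3        251BEFF479164387 2012-06-22  Ubuntu Archive Automatic Signing Key <ftpmaster at ubuntu.com>
sub   2047R/251BEFF479164387 2012-06-22
sig!         251BEFF479164387 2012-06-22  Ubuntu Archive Automatic Signing Key <ftpmaster at ubuntu.com>
sub   2048R/99270C331D426C85 2012-06-22
sig!         251BEFF479164387 2012-06-22  Ubuntu Archive Automatic Signing Key <ftpmaster at ubuntu.com>
"""

# Patterns for the listing style shown in the post (long key IDs).
KEY_RE = re.compile(r"^(pub|sub)\s+\d+[A-Za-z]/([0-9A-F]{16})\s")
UID_RE = re.compile(r"^uid\s+(.*\S)\s*$")
SIG_RE = re.compile(r"^sig\S*\s+([0-9A-F]{16})\s+\d{4}-\d{2}-\d{2}\s+(.*\S)\s*$")


def find_keyid_anomalies(listing):
    """Return (label, detail) tuples for key-ID collision symptoms."""
    findings = []
    primary = None   # long key ID of the current pub block
    uids = []        # user IDs listed under the current pub block
    for line in listing.splitlines():
        if m := KEY_RE.match(line):
            kind, keyid = m.groups()
            if kind == "pub":
                primary, uids = keyid, []
            elif keyid == primary:
                # A subkey should never share the primary's key ID.
                findings.append(("subkey-shares-primary-keyid", keyid))
        elif m := UID_RE.match(line):
            uids.append(m.group(1))
        elif (m := SIG_RE.match(line)) and primary:
            issuer, shown_name = m.groups()
            # Issuer ID equals this key's ID, so the signer name gpg
            # resolved should be one of this key's own user IDs.
            if issuer == primary and shown_name not in uids:
                findings.append(("self-sig-shown-under-foreign-uid", shown_name))
    return findings


if __name__ == "__main__":
    for label, detail in find_keyid_anomalies(LISTING):
        print(f"{label}: {detail}")
```

For automated checks, gpg's `--with-colons` output is the stable format to parse; the patterns here only match the human-readable listing shown in the post.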

