struggling with potential keyid conflicts

Jim Hurd jimh at datagrove.com
Tue Jan 27 11:36:06 CET 2004 

Thanks! I didn't realize that 64 bit ids and fingerprints are accepted interchangeably with 32 bit ids.

Do you know where keyservers are with this issue? I tried:

gpg --keyserver pgp.mit.edu --recv-key  0x5BD18B6A42B9247EF79214B7F87A2B53DEADBEEF

And it gives the same result as

gpg --keyserver pgp.mit.edu --recv-key  0xDEADBEEF

So either GPG or pgp.mit.edu is peeling off the lower 32 bits and calling it good enough. I suppose no harm is done, since if I know the fingerprint I want there is no serious harm in loading the extraneous keys.

Jim

----- Original Message ----- 
From: "David Shaw" <dshaw at jabberwocky.com>
To: <gnupg-users at gnupg.org>
Sent: Tuesday, January 27, 2004 10:22 AM
Subject: Re: struggling with potential keyid conflicts


> On Tue, Jan 27, 2004 at 09:01:15AM -0500, Jim Hurd wrote:
> 
> > But is this a reasonable way to proceed? Am I missing some part of
> > the design idea here? I am writing documentation for GPG use for a
> > group of organizations where it makes some sense to use keyservers
> > to distribute keys, but the threat of forged keyid's is a concern.
> 
> The part you are missing is that key IDs are not 32 bits long - they
> are 64 bits long.  GnuPG displays only the 8 character (32 bit) key ID
> for convenience, but internally it uses all 64 bits.  If you happen to
> have a 32 bit collision, use the full 64 bits.
> 
> $ gpg --list-keys 0xdeadbeef
> pub   1024D/DEADBEEF 2001-01-21 Preston Wilson <pres at palmjunkie.com>
> uid                             Imad R. Faiad
> sub   2048g/27D72110 2001-06-24
>  
> pub   2048R/DEADBEEF 1999-08-03 Imad R. Faiad
>  
> pub   1024R/DEADBEEF 1995-09-28 Prime Rib Lovers
> 
> Three keys with the same keyids?  Nope:
> 
> $ gpg --list-keys 0xF87A2B53DEADBEEF
> pub   1024D/F87A2B53DEADBEEF 2001-01-21
> uid                          Preston Wilson <pres at palmjunkie.com>
> uid                          Imad R. Faiad
> sub   2048g/A9452D5227D72110 2001-06-24
> 
> $ gpg --list-keys 0xA2061199DEADBEEF
> pub   2048R/A2061199DEADBEEF 1999-08-03
> uid                          Imad R. Faiad
> 
> $ gpg --list-keys 0xA69AB99CDEADBEEF 
> pub   1024R/A69AB99CDEADBEEF 1995-09-28
> uid                          Prime Rib Lovers
> 
> It is "difficult" (i.e. nearly impossible) to create a 64-bit keyid
> collision with OpenPGP keys.  If the impossible happens, and there is
> a 64-bit keyid collision, use the whole fingerprint:
> 
> gpg --list-keys 0x5BD18B6A42B9247EF79214B7F87A2B53DEADBEEF
> 
> Note that all this applies to OpenPGP (v4) keys.  The old PGP 2.x (v3)
> keys have trivially forgeable keyids and fingerprints.  There is no
> way to really secure against that, as it is inherent in the key
> format.  Don't use them.
> 
> David
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

More information about the Gnupg-users mailing list