Problems with private keyring?

Florian Weimer fw at
Fri Mar 23 00:28:58 CET 2001

Florian Weimer <fw at> writes:


The newest version of these patches should actually work.

As an added bonus, it protects against signature computation errors
(due to overclocking or bugs in the MPI implementation), which
was first proposed in this context by Lutz Donnerhacke. GnuPG
calculates the signature in Z/pZ x Z/qZ instead of Z/nZ (which would
be slower).  If the computation in one component of the direct sum
fails, the difference to the correct result is likely a multiple of
p or q. (AFAIK, this is called a 'Bellcore attack' in German hacker

More information about the Gnupg-devel mailing list