The two V3 attacks

Georgi Guninski guninski at guninski.com
Mon Jun 25 07:22:18 CEST 2012


On Fri, Jun 22, 2012 at 02:08:13PM -0400, David Shaw wrote:
> 
> So neither of these are terribly new attacks (both dating from the 1990s).  I had a brainstorm last year about using a DEADBEEF V3 key to collide with a V4 key, as the only way to tell which key was required (for verifying a signature, for example) was via the 64-bit key ID and inside the signature, there was no way to tell if it was a V3 or V4 key making the signature.  That may have been the first mention of that particular variant - I don't know.  There was some discussion about this on the IETF WG list at the time, but it's really an implementation issue (by the spec, implementations are not required to accept V3 keys if they don't want to).
>


If they are not new, why are they not fixed yet?
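
The key ID ambiguity described in the quoted message, as an added example that is not part of the original thread: it derives 64-bit key IDs for V3 and V4 RSA keys as RFC 4880 section 12.2 defines them and shows a lookup that refuses to pick a key when one ID matches more than one entry. The function names and all sample values are assumptions made for illustration; the integers are constructed stand-ins, not real keys.

```python
import hashlib
import struct

def mpi(n: int) -> bytes:
    """OpenPGP MPI: 2-octet bit count followed by the big-endian value."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def v4_key_id(created: int, n: int, e: int) -> bytes:
    """V4 RSA key: low 64 bits of the SHA-1 fingerprint over the key packet."""
    body = bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)
    fpr = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()
    return fpr[-8:]

def v3_key_id(n: int) -> bytes:
    """V3 RSA key: low 64 bits of the public modulus, no hash involved."""
    return (n & (2**64 - 1)).to_bytes(8, "big")

def index_by_key_id(keys):
    """Map key ID -> [(version, label), ...] for a list of (version, label, key ID)."""
    index = {}
    for version, label, kid in keys:
        index.setdefault(kid, []).append((version, label))
    return index

def resolve(index, kid: bytes):
    """Return the one key for this ID; refuse when the ID is missing or ambiguous."""
    matches = index.get(kid, [])
    if len(matches) != 1:
        raise LookupError(f"key ID {kid.hex().upper()} matches {len(matches)} keys")
    return matches[0]

# Constructed sample values (toy integers, not valid RSA moduli).
V4_KID = v4_key_id(1340000000, (1 << 1023) | 0x1234567, 65537)
# A V3 entry whose modulus ends in the same 64 bits as the V4 key ID.
V3_SAME_KID = v3_key_id((1 << 1023) | int.from_bytes(V4_KID, "big"))
# A V3 entry with a chosen-looking ID, as in the "DEADBEEF" name.
V3_DEADBEEF = v3_key_id((1 << 1023) | 0xDEADBEEF)

INDEX = index_by_key_id([
    (4, "constructed V4 key", V4_KID),
    (3, "constructed V3 key A", V3_SAME_KID),
    (3, "constructed V3 key B", V3_DEADBEEF),
])

if __name__ == "__main__":
    print(resolve(INDEX, V3_DEADBEEF))
    try:
        resolve(INDEX, V4_KID)
    except LookupError as err:
        print("refused:", err)
```

A signature packet carries only the 8-octet issuer key ID, so a verifier that wants to avoid the ambiguity has to track the key version and full fingerprint alongside it.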



