ROCA detection in GnuPG
fgrieu at gmail.com
Tue Oct 17 16:33:59 CEST 2017
Werner Koch <wk at gnupg.org> wrote:
> Over at gnupg-verein, Phil asked whether it would make sense to
> have an auto-detection of ROCA affected keys in GnuPG.
The ROCA test can have false positives, with probability 1/238878720
that a perfectly fine RSA key raise alarm. See details at
This is low enough that it will seldom happen by chance, but on the other
hand it is very possible to intentionally make a (secure) key that raise this
alarm, just for the nastiness of it.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-devel