ROCA detection in GnuPG

Francois Grieu fgrieu at gmail.com
Tue Oct 17 16:33:59 CEST 2017


Werner Koch <wk at gnupg.org> wrote:

 > Over at gnupg-verein, Phil asked whether it would make sense to
 > have an auto-detection of ROCA affected keys in GnuPG.

The ROCA test can have false positives, with probability 1/238878720
that a perfectly fine RSA key raise alarm. See details at
https://crypto.stackexchange.com/questions/52292/what-is-fast-prime

This is low enough that it will seldom happen by chance, but on the other
hand it is very possible to intentionally make a (secure) key that raise this
alarm, just for the nastiness of it.

   Francois Grieu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20171017/8a5d45a0/attachment.html>


More information about the Gnupg-devel mailing list