ROCA detection in GnuPG

Francois Grieu fgrieu at
Tue Oct 17 16:33:59 CEST 2017

Werner Koch <wk at> wrote:

 > Over at gnupg-verein, Phil asked whether it would make sense to
 > have an auto-detection of ROCA affected keys in GnuPG.

The ROCA test can have false positives, with probability 1/238878720
that a perfectly fine RSA key raise alarm. See details at

This is low enough that it will seldom happen by chance, but on the other
hand it is very possible to intentionally make a (secure) key that raise this
alarm, just for the nastiness of it.

   Francois Grieu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Gnupg-devel mailing list