Fingerprint security (was Re: storing keyrings into SQL database?)
Fri May 23 05:56:03 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, May 22, 2003 at 07:35:18PM -0700, Joseph Bruni wrote:
> Has anyone ever calculated the odds of a fingerprint collision?
> Sometimes its kind of nice to know just for perspective.
A natural collision? Very, very unlikely. V4 keys use SHA1 to
fingerprint, and the effective size of that hash due to the birthday
paradox is 80 bits.
V3/PGP 2.x keys are a different story altogether. There is a weakness
in the key format that means you can play fingerprint games with
fairly little effort. You can fake a keyid easily as well, but V3
fingerprints are not secure either. This isn't a MD5 hash issue
(though MD5 has issues): it is a flaw in the fingerprinting
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
-----END PGP SIGNATURE-----