SHA1 broken?
Werner Koch
wk at gnupg.org
Thu Feb 17 08:16:56 CET 2005
On Wed, 16 Feb 2005 15:05:07 -0500, Jason Harris said:
> The key creation time can be varied at will, and, I presume, v4 RSA
That's true. However as long as we don't know how to calculate such a
block (and I just guessed that it is similar to the MD5 attack - which
is not necessarily true) we don't know whether 4 bytes at a fixed offset
are sufficient.
> key material can be too, a la v3 "vanity" keyids. But, is duplicating
No, they are not vulnerable like v3 keyids.
> While two v4 keys with the same fingerprint could "steal" userid
> certifications made by others, any signatures produced by the
> colliding keys, including selfsigs on their userids, can _not_
They would harm the WoT or any other method of checking the identity
of a key because you usually compare the fingerprints out of band.
Salam-Shalom,
Werner
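
Added illustration, not part of the message above and not GnuPG code: a Python sketch of how RFC 4880 (section 12.2) derives v3 key IDs and v4 fingerprints, showing that the creation time occupies 4 bytes at a fixed offset in the v4 hashed data while a v3 key ID is read directly from the RSA modulus. The modulus, exponent and timestamps are constructed sample values, not a real key.

```python
import hashlib
import struct

def mpi(x: int) -> bytes:
    """OpenPGP MPI: 2-byte bit count, then the big-endian magnitude."""
    return struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")

def v4_hashed_data(created: int, n: int, e: int) -> bytes:
    """Octets hashed for a v4 RSA fingerprint: 0x99, 2-byte length, packet body."""
    # Body: version 4, 4-byte creation time, algorithm 1 (RSA), MPI n, MPI e.
    body = bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)
    return b"\x99" + struct.pack(">H", len(body)) + body

def v4_fingerprint(created: int, n: int, e: int) -> str:
    """v4 fingerprint: SHA-1 over the hashed data, as 40 hex digits."""
    return hashlib.sha1(v4_hashed_data(created, n, e)).hexdigest().upper()

def v4_keyid(created: int, n: int, e: int) -> str:
    """v4 key ID: low-order 64 bits of the SHA-1 fingerprint."""
    return v4_fingerprint(created, n, e)[-16:]

def v3_keyid(n: int) -> str:
    """v3 key ID: low-order 64 bits of the RSA modulus; no hash is involved."""
    return format(n & 0xFFFFFFFFFFFFFFFF, "016X")

def differing_offsets(a: bytes, b: bytes) -> list:
    """Byte offsets at which two equal-length inputs differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

# Constructed sample values (N is NOT a valid RSA modulus, only a 1024-bit number).
N = (1 << 1023) | 0x0123456789ABCDEF
E = 65537
T1 = 1108624616          # constructed creation time
T2 = T1 ^ 0xFFFFFFFF     # same key material, every timestamp byte changed

if __name__ == "__main__":
    d1, d2 = v4_hashed_data(T1, N, E), v4_hashed_data(T2, N, E)
    print("offsets that change with the creation time:", differing_offsets(d1, d2))
    print("v3 key ID (chosen via the modulus):", v3_keyid(N))
    print("v4 fingerprint at T1:", v4_fingerprint(T1, N, E))
    print("v4 fingerprint at T2:", v4_fingerprint(T2, N, E))
    print("v4 key IDs:", v4_keyid(T1, N, E), v4_keyid(T2, N, E))
```
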