New results against SHA-1

Werner Koch wk at
Mon May 4 13:39:41 CEST 2009

On Mon,  4 May 2009 12:16, nicholas.cole at said:

> How does GPG cope if two keys on the keyring have the same FP?  AFAICS
> that would make things very difficult for most of the front-ends,

I don't know, because I am not able to create such keys ;-).

It is not different from looking up the keys using the long keyid.  We
would need to iterate over all matching keys until we can verify/decrypt
a message.

The only real crypto use in the protocol is with the revocation key
(designated revoker) which uses a 20 byte fingerprint to specify the
key.  However I cannot see where there is a threat.

There are some internal uses of SHA-1 and RIPE-MD-160 in GPG: Mainly to
identify keys in the trustdb.  You will likely run into problems adding
another key with the same fingerprint.  The forthcoming new keyring
format will cope with that by not allowing a second key with the same



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-users mailing list