keyserver spam

Aaron Toponce aaron.toponce at
Sat Dec 17 16:42:48 CET 2011

On Fri, Dec 16, 2011 at 03:51:34PM +0000, gnupg at wrote:
> I understand that once you've uploaded something to the keyservers, it
> can't be removed. Eg, if I sign someone elses key and upload that, it
> will be attached to their key permanently?
> What if someone were to generate say, 10,000 keypairs with "offensive"
> uid names, and then sign my key with each of them, and then upload that
> to the keyservers? Is there anything to stop that? Is there anything to
> stop a spammer generating a key with their URL in the uid name and then
> signing every key they can find and uploading that to the keyservers?
> Has anything like this happened before?

For spam to be truly effective, there needs to be a reward. Littering the
keyservers with bogus keys and signatures, at its current state, wouldn't
provide the desired result. Spamming email has shown to be an effective way
to make money. Where is the monetary reward here?

I guess Anonymous or LULZ Security, or the like, could do it out of sheer
entertainment, but it would die quickly, as the effort in maintaining the
noise outweighs the benefit of annoying users by several orders of

I'll pose the scenario differently: How can you trust that the photo
identification presented at a human-to-human keysigning party is
legitimate? It's not too terribly difficult to forge even government photo
identification, and pass it off as legitimate to the average user. I could
create a key, call myself "Bruce Schneier", forge a photo identification
card that "proves" this is the case, and claim there are two of us in the
world- the famous cryptographer, and a lonely sysadmin from North Dakota.

After collecting enough signatures, I've created enough noise to cast doubt
on which key belongs to the famous security expert, and which doesn't. At
least to the casual eye, which we must admit, most of us don't scrutinize
our keys at all (when was the last time you did a key refresh, and paid
attention to expirations or revocations?).

More threatening, than just littering the keyservers with tens of thousands
of keys and signatures, are individual attacks, like the one I just
mentioned above. Again, there needs to be some good benefit to the cost of
doing something like this, other than just "for the lulz", or it will die
off quickly. And to be honest, the only reasonable benefit I can conceive
of, is hoping to create enough confusion, as to intercept valuable data in
some sort of transaction from the person or organization you're attacking.
Because OpenPGP hasn't reached mass popularity, I think your initial
thoughts are trying to solve a problem, that doesn't exist.

. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 519 bytes
Desc: Digital signature
URL: </pipermail/attachments/20111217/ee7c1521/attachment.pgp>

More information about the Gnupg-users mailing list