1024 key with 2048 subkey: how affected?
mailinglisten at hauke-laging.de
Sat Jan 21 16:41:29 CET 2012
Am Freitag, 20. Januar 2012, 21:15:29 schrieb Chris Poole:
> The encryption and signing is still being done by the subkeys, so is
> it simply that they're signed by the parent 1024-bit key, and this key
> is easier to fake?
Yes. If the main key is compromised then
a) certifications for other keys can be forged (of course, anyone being
attacked by that could see that the key whose certification he is going to
rely on is that short)
b) new subkeys for that key can be created
If the attacker is capable of a man-in-the-middle attack then he can send the
compromised key when the attacked person makes a keyserver update. This way
noone would notice the manipulation (not even the key owner when checking
what's on the keyservers). Afterwards data would be encrypted to the wrong key
and signatures by the attackers subkey would be accepted.
Another attack szenario is that the whole key can be revoked when you need it.
People do not send you important, urgent information because they do not have
a valid key to encrypt to. Or you have to sign something in time but do not
have a key which is accepted be the recipient.
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 555 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users