changing the default for --keyid-format [was: Re: getting an encrypted file to show what public key was used]
David Shaw
dshaw at jabberwocky.com
Tue May 29 20:18:37 CEST 2012
On May 29, 2012, at 2:05 PM, Sam Whited wrote:
> On Tue, May 29, 2012 at 1:47 PM, David Shaw <dshaw at jabberwocky.com> wrote:
>> On May 29, 2012, at 11:51 AM, Daniel Kahn Gillmor wrote:
>>
>> What is your concern here, though - accidental or intentional collision?
>
> Certainly both; while accidental collision isn't probable, 32-bit IDs
> aren't exactly collision resistant either. This, coupled with the fact
> that a nice GPGPU is now relatively inexpensive makes brute forcing
> collisions not only possible, but relatively easy for a determined
> attacker.
The reason I bring it up is that using the v3 key attack, 64-bit key IDs have no particular benefit over 32-bit IDs for intentional collisions (i.e. an attacker generating a key with the same key ID as the victim in order to confuse matters and/or steal traffic). It's just as easy to forge 64 bits as it is to forge 32…
David
More information about the Gnupg-users
mailing list