Vanity Keys

David Shaw dshaw at jabberwocky.com
Wed Jan 14 04:42:41 CET 2015


On Jan 13, 2015, at 10:11 PM, Sandeep Murthy <s.murthy at mykolab.com> wrote:
> 
> Hi
> 
>> Only the right key will actually work for verification, but the program may not be able to find that right key.
> 
> Wouldn’t this issue of possible collisions in the long key ID (64 bits / 16 hex digits)
> causing problems for the GPG program only be an issue in an organisational setting,
> where there is a large number of users sharing that program and where keys
> are uploaded to/retrieved from key servers using short IDs?
> 
> For an individual who for example only imports keys with fingerprints (160 bits / 40 hex) and
> publishes their fingerprint rather than the short or long key ID, how can this risk arise
> or is there still an issue with key servers?

Unfortunately, it doesn't matter if users only use fingerprints when deciding to import a key or not.  Internally, keys are looked up using the 64-bit key ID.  This is a limitation of OpenPGP - the "issuer" of a signature is 64 bits long.  If the user manages to get two keys that happen to have the same 64-bit key ID (the lowest 64 bits of the fingerprint, for OpenPGP keys) then this problem applies to them.

The discussion on gnupg-devel is about adding a larger issuer that contains the complete fingerprint.

David
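As an added illustration of the point above (this is example code written for this page, not code from David, Sandeep or the GnuPG project), the Python below derives the v4 fingerprint per RFC 4880 section 12.2 and the 64-bit and 32-bit key IDs from it, then shows why a keyring lookup driven by the 64-bit Issuer of a signature can return more than one candidate even though every key was imported by full fingerprint. The packet key material, the two "colliding" fingerprints and the keyring entries are constructed stand-ins (no real key material is used), and the find_vanity_creation_time helper is an assumption about how a vanity key ID would be searched for: it varies only the creation timestamp, which is part of the hashed packet, so the key ID changes while the key material does not.

```python
"""Added example: OpenPGP v4 fingerprint, key IDs, and 64-bit issuer ambiguity.
Not code from the mailing-list thread; all sample bytes are constructed."""
import hashlib
import struct
from dataclasses import dataclass


def v4_public_key_packet(created: int, key_material: bytes, algo: int = 1) -> bytes:
    """Body of a version 4 Public-Key packet (RFC 4880 5.5.2): version octet,
    4-octet creation time, 1-octet algorithm, then the algorithm-specific MPIs.
    key_material is passed through as already-encoded MPIs."""
    return b"\x04" + struct.pack(">I", created) + bytes([algo]) + key_material


def v4_fingerprint(packet_body: bytes) -> bytes:
    """RFC 4880 12.2: SHA-1 over 0x99, a two-octet length, then the packet body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(packet_body)) + packet_body).digest()


def long_key_id(fingerprint: bytes) -> bytes:
    """The 64-bit key ID (what a signature's Issuer field carries) is the
    low-order 8 octets of the fingerprint."""
    return fingerprint[-8:]


def short_key_id(fingerprint: bytes) -> bytes:
    """The 32-bit "short" key ID is the low-order 4 octets."""
    return fingerprint[-4:]


@dataclass
class KeyringEntry:
    fingerprint: bytes
    owner: str


def lookup_by_issuer(keyring, issuer: bytes):
    """What a verifier has to do when a signature only carries a 64-bit Issuer:
    every key whose key ID matches is a candidate, however it was imported."""
    return [k for k in keyring if long_key_id(k.fingerprint) == issuer]


def lookup_by_fingerprint(keyring, fingerprint: bytes):
    """Lookup by the full 160-bit fingerprint is unambiguous."""
    return [k for k in keyring if k.fingerprint == fingerprint]


def find_vanity_creation_time(key_material: bytes, target_prefix: bytes,
                              start: int = 0, limit: int = 1 << 20):
    """Assumed vanity-search technique: keep the key material fixed and vary
    only the creation timestamp until the short key ID starts with
    target_prefix. Returns (created, fingerprint) or None."""
    for created in range(start, start + limit):
        fpr = v4_fingerprint(v4_public_key_packet(created, key_material))
        if short_key_id(fpr).startswith(target_prefix):
            return created, fpr
    return None


# Constructed stand-in for the MPI section (a 17-bit value), not a real key.
SAMPLE_MATERIAL = b"\x00\x11\x01\x00\x01"
SAMPLE_FPR = v4_fingerprint(v4_public_key_packet(1421206961, SAMPLE_MATERIAL))

# Constructed stand-ins for two distinct keys whose fingerprints share the
# low 64 bits, i.e. the same long key ID, as the thread describes.
SHARED_LOW64 = bytes.fromhex("feedfacecafebeef")
COLLIDING_A = bytes.fromhex("0123456789abcdef01234567") + SHARED_LOW64
COLLIDING_B = bytes.fromhex("fedcba9876543210fedcba98") + SHARED_LOW64

KEYRING = [
    KeyringEntry(COLLIDING_A, "alice"),
    KeyringEntry(COLLIDING_B, "impostor"),
    KeyringEntry(SAMPLE_FPR, "sample"),
]


if __name__ == "__main__":
    print("sample fingerprint:", SAMPLE_FPR.hex().upper())
    print("long key ID:", long_key_id(SAMPLE_FPR).hex().upper(),
          "short key ID:", short_key_id(SAMPLE_FPR).hex().upper())
    candidates = lookup_by_issuer(KEYRING, SHARED_LOW64)
    print("issuer", SHARED_LOW64.hex().upper(), "matches",
          [k.owner for k in candidates])
    print("fingerprint lookup matches",
          [k.owner for k in lookup_by_fingerprint(KEYRING, COLLIDING_A)])
    created, fpr = find_vanity_creation_time(SAMPLE_MATERIAL, b"\x00")
    print("creation time", created, "gives short key ID",
          short_key_id(fpr).hex().upper())
```

The two lookups make the thread's point concrete: lookup_by_issuer returns both "alice" and "impostor" for the shared key ID, so a verifier that only has the 64-bit Issuer has to try both (or may pick the wrong one and fail), while lookup_by_fingerprint returns exactly one entry. The vanity search shows that a one-octet short-ID prefix costs only a few hundred SHA-1 evaluations because the creation time alone changes the fingerprint.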
