Hundreds of RSA keys factored

Timo timog24 at mailbox.org
Thu May 5 14:45:07 CEST 2016


Thank you, that is pretty much what I wanted to know.

The fact that the project hasn't responded by proving that they have the
secret key of anyone demanding prove isn't really reassuring, although
it might be the only thing to be sure.

What had me worried most is the number of keys with nonprime values, as
this is handled by the implementation.

On 05/05/2016 01:01 PM, Andrew Gallagher wrote:
> On 04/05/16 23:09, Robert J. Hansen wrote:
>>> There is this scary project listing several hundreds factored pgp/rsa
>>> keys: http://trilema.com/2016/the-phuctoring/
>>
>> Not scary.  Not all that interesting, either.
> 
> Hanno Böck has a fairly comprehensive response here:
> 
> http://www.openwall.com/lists/oss-security/2016/05/05/7
> 
> tl;dr: they're mangled, useless copies of real pubkeys, and mangled keys
> will almost always be non-prime.
> 
> A
> 
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160505/76a201a1/attachment.sig>


More information about the Gnupg-users mailing list