Impact of ROCA (CVE-2017-15361) in subkey vs. private key?
dgouttegattat at incenp.org
Sun Oct 29 23:08:28 CET 2017
On 10/29/2017 07:18 PM, Shannon C wrote:
> Assuming that the secret key was generated outside of an Infineon
> chip, but that subsequently subkeys were generated by a chip with the
> ROCA vulnerability, does that compromise the main private key, or
> only the subkey?
There is no mathematical link between a primary (or master) key and a
subkey. A subkey is linked to a primary key only through a "subkey
If a subkey is compromised (meaning an attacker somehow managed to know
the private key, be it through the ROCA vulnerability or any other
method), this has *no impact* on the primary key. The attacker won't be
able to infer any information about the primary key.
This is also true the other way around: knowing the primary private key
does not allow to deduce the private subkey(s).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users