Hiding signature identification (was: How to fix "ERROR key_generate 3355453" / "GENKEY' failed: IPC call has been cancelled")
Peter Lebbing
peter at digitalbrains.com
Wed Sep 5 12:18:06 CEST 2018
On 05/09/18 11:27, Fiedler Roman wrote:
> Sorry, but you are completely off here.
If there are six people I am actually interested in, and I know all
their public keys, checking if one of them signed a message with a
hypothetical "throw-keyid" takes me at most six trial verifications,
using their public keys in turn.
Now when you say that you could find the signer by brute-forcing "all
keys in the 2^2048 key space", that seems to miss a vital step. Let's
suppose you did this massive brute force, the universe still exists, and
you found that the RSA key with keygrip
8FE036329129F568D5B58A88F6F8580A064E4887 has signed the message. Back to
your goal. Who signed the message? You don't know. You know what the RSA
modulus of the key of this person is, but you don't know their identity,
because your brute-force search did not produce an identity, it produced
an RSA modulus and exponent.
So: to know who signed a message, you need their public key. So to check
a random signature without identification, you try all the public keys
you have at your disposal (perhaps ignoring the ones you know are
uninteresting). So your search space is your collection of public keys.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180905/6317ec30/attachment-0001.sig>
More information about the Gnupg-users
mailing list