Key poisoning

MFPA 2017-r3sgs86x8e-lists-groups at riseup.net
Thu Aug 15 21:48:50 CEST 2019


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Thursday 15 August 2019 at 10:26:31 AM, in
<mid:b1133e78-032a-3465-7e03-8abf999f7696 at digitalbrains.com>, Peter
Lebbing wrote:-


> Plus, the attacker could just create a signature that
> looks likely to be
> real (self-sig or existing third-party sig seems a
> good candidate).


Would the attack work by just concatenating lots of identical
signature packets onto a copy of the target key and sending the result
to the keyserver?

- --
Best regards

MFPA                  <mailto:2017-r3sgs86x8e-lists-groups at riseup.net>

An obstinate man does not hold opinions. They hold him.
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQSWDIYo1ZL/jN6LsL/g4t7h1sju+gUCXVW3MV8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OTYw
Qzg2MjhENTkyRkY4Q0RFOEJCMEJGRTBFMkRFRTFENkM4RUVGQQAKCRDg4t7h1sju
+ncpAQDhG3HrT17ZNRCddaPh4Mz+PDmDzoYA8g5TgSsrP2UecQEAswc8FBOdRJku
sPjNfiQaWyQSPHLnWNDkccPTywm+vgCJApMEAQEKAH0WIQRSX6konxd5jbM7JygT
DfUWES/A/wUCXVW3MV8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0NTI1RkE5Mjg5RjE3Nzk4REIzM0IyNzI4MTMw
REY1MTYxMTJGQzBGRgAKCRATDfUWES/A/1tfD/sFEf1QzMMnhDOZMt+RAhHMp3Va
TcM3O8g9453Hb1eFkkIa+7lZCox4S4uDAVa4eKwhmqnhv9HTDlRFrxYR1d+rXWn7
7XcwdgsBdMlJxZ0YIDSXdEXuNzcokQlIvLhcf4qhx9jY3v/+3hd1luNjzb/sYWr4
j5nErWrFywQD5BWh9kFa6hMisrfVNTSo0Tb2R3HwUej97iwcuwVdu/6dIW3uSUFt
MACQDmYNvWJqw/Rvjb+YKt7L5E/yY+47tO++Izm+cYvSYUM/DqDFLayvOVLtT/Wl
JGGwpxbdaBmk41t4wnpp8c0bpoZuAVgylAzk39Yal67yIOzcEipcyupqNlPupcVd
79h+1j48KweDrvHdHw2smaHsbSJOSPWpZBwpzeveMHKqiavmoFpY3BVzEwZYU7wq
dTTG55z3dnFkcUiWzNzzr/6HRPRMkgYSX+1YDdCeSdDrtTguOyDmK9nUJDoDyvvZ
r70sgftCF54j4jK2Xq/B2mj0bHbQvkPi9kEwXUU+VaPWyWtlki8V5vL4HFypTdrh
eWVrwdbvDSaaxnIrjlyrxMOpjvAQ/2tYFSJgOA2jjAFqDYDBtFqJwCLWMc0Ksohq
5S2KNxhOcxRfR32QgYDHj9k1AtYjDDCfz9MMemr8B13zgALLFSJYTVpOUf2cSo3X
cIlFh2czPTfUlsL3Nw==
=GjEU
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list