Collision attack against long Key Ids
Nombre y Apellidos
deceroadiez at gmx.es
Wed Mar 11 17:57:04 CET 2026
Hello
I'm a GPG user for a while, but I don't have any technical knowledge of
cryptography, only basic understanding of the subject. I mention this to
try and excuse my lack of knowledge.
I see a blog post about collisions in key Id's in this blog:
https://soatok.blog/2026/01/07/practical-collision-attack-against-long-key-ids-in-pgp/
According to the article itself, it can lead to cases of usurpation of
signed data, such as software packages.
Is it really a weakness in PGP/GNUPG?
Best regards and thanks in advanced
--
OpenPGP fingerprint
-------------------
CBA7 480A 5FBC DB67 857F 54D3 434C 945C 1278 2FD7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260311/0f78ab8c/attachment-0001.sig>
More information about the Gnupg-users
mailing list