[messaging] On Signed-Only Mails

Maxwell Krohn themax at gmail.com
Wed Dec 7 15:25:31 PST 2016


>
> A complicating factor is that PGP signature packets include a 64-bit
> key ID which is a hash of the public key.  However, that just requires
> the attacker to randomize the attack and try around 2^64 calculations
> until he finds a matching key ID, which might be feasible for a
> state-level attacker.
>
>
We've noted that a new feature of GPG 2.1.15 is that signatures
are computed over full 20-byte SHA1 key fingerprints [1], in addition to
64-bit key IDs.

[1]
http://gnupg-devel.gnupg.narkive.com/Z0EFUBU7/issuer-fingerprint-was-vanity-keys
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20161207/6fbdcdc0/attachment.html>


More information about the Messaging mailing list