Re: private key language

ietf-openpgp

Re: private key language

2005-12-28 08:46:03


On Wed, Dec 28, 2005 at 09:12:44AM -0500, David Shaw wrote:

What weakness in the private key format are you referring to?


The Klima-Rosa attack: the private material is not bound cryptographically
to the public material, thus by changing the public material, the attacker
can reconstruct the private material from just one (corrupted) signature,
and forge that signature to cover up the attack.

Please read the Klima-Rosa paper (poor English, but good content), for more
details.

-- 
Daniel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
private key language, Daniel A. Nagy Re: private key language, David Shaw Re: private key language, Daniel A. Nagy <= Re: private key language, David Shaw Re: private key language, Daniel A. Nagy Re: private key language, David Shaw Re: private key language, Jon Callas Short intro on the K-R attack [Re: private key language], Daniel A. Nagy Re: Short intro on the K-R attack [Re: private key language], Jon Callas Re: Short intro on the K-R attack [Re: private key language], Daniel A. Nagy Re: Short intro on the K-R attack [Re: private key language], Jon Callas Re: Short intro on the K-R attack [Re: private key language], Daniel A. Nagy Re: Short intro on the K-R attack [Re: private key language], Ben Laurie

Previous by Date:	Re: private key language, David Shaw
Next by Date:	Re: Outstanding question - rule on cleartext signing last line, Ben Laurie
Previous by Thread:	Re: private key language, David Shaw
Next by Thread:	Re: private key language, David Shaw
Indexes:	[Date] [Thread] [Top] [All Lists]