ietf-openpgp
[Top] [All Lists]

Re: including the entire fingerprint of the issuer in an OpenPGP certification

2011-01-19 05:51:30


Peter Gutmann wrote:
"Daniel A. Nagy" <nagydani(_at_)epointsystem(_dot_)org> writes:

generating a new key with the same 64-bit key ID as an existing key is on the
very far end of the realm of feasibility.

That should be:

  generating a *secure* new key with the same 64-bit key ID as an existing key
  is on the very far end of the realm of feasibility.

If you don't mind that your key's weak then it's not that much more work than
just finding a 64-bit collision.

I disagree. It's not a collision that you are after, but a 64 bit pre-image.
Basically, you need to enumerate, on average, 2^63 possibilities, which is very
expensive.

Regards,

-- 
Daniel

Attachment: signature.asc
Description: OpenPGP digital signature