Joseph Lorenzo Hall <joe(_at_)cdt(_dot_)org> writes:
On Tue, Apr 12, 2016 at 9:15 AM, Vincent Breitmoser
<look@my.amazin.horse> wrote:
Joseph Lorenzo Hall(joe(_at_)cdt(_dot_)org)@Tue, Apr 12, 2016 at 09:06:11AM
-0400:
If you have two keys that map to the same fingerprint, then an
attacker can decide to serve you whichever is in their best interest.
The premise of your scenario is that you are already using a key
generated by the attacker. What could an attacker possibly gain by
possessing a second key with the same fingerprint?
Sorry so slow to respond... my premise is that increasingly I query
for full fprs to obain keys from keyservers and if that maps onto two
different keys with the same UserID that would be bad.
I guess what the rest of the thread here is saying is that it would be
so computationally difficult for a malicious keyserver to find a
collision that this isn't a problem.
That's not a collision, that's a preimage attack.
A collision is where Eve generates a pair of keys together with the same
fingerprint, but doesn't care what that key/fingerprint is -- only that
they are the same. A preimage attack is where you're trying to find a
key that matches a specific (existing) fingerprint. That's a MUCH
harder attack.
So yes, it would be extremely difficult for Eve to generate a key with
the same fingerprint as Alice's key.
(apologies for being somewhat dense)
-derek
--
Derek Atkins 617-623-3745
derek(_at_)ihtfp(_dot_)com www.ihtfp.com
Computer and Internet Security Consultant
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp