ietf-openpgp
[Top] [All Lists]

Re: [openpgp] "SHA-1 is a Shambles" and forging PGP WoT signatures

2020-01-24 15:21:47
On Fri, Jan 24, 2020 at 11:57:09AM -0500, Michael Richardson wrote:
I guess, maybe if the key is big enough (rsa 8K, bigger), that the bytes could be in the prime itself. Are you saying that?

Yes.


If so, I wonder what the smallest key for which this is true is.

The collision found by the authors used 9 near-collision blocks (4608 bits). They believe it would have been possible to find a collision with 7 near-collision blocks (3584 bits), which could fit into a 4096-bit RSA key.


- Damien

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp