Message-Id: <20160815153401.9EC2BADC2C@smtp.postman.i2p>
Date: Mon, 15 Aug 2016 15:34:01 +0000 (UTC)
From: <1471274895@...mail.org>
To: <linux-kernel@...r.kernel.org>
Subject: Fake Linus Torvalds' Key Found in the Wild, No More Short-IDs.
It is well known that PGP is vulnerable to short-ID collisions,
and many experiments have been done to demonstrate that. [0]
Nevertheless, real attacks started in June: some developers found
fake keys with the same name, email, and even "same" fake signatures
from more fake keys in the wild, on the keyservers. [1]
All these keys have the same short IDs, created by collision attacks, which led
to some discussion about the danger of short IDs. Now it is worth
mentioning this issue again, since fake keys of Linus Torvalds, Greg Kroah-Hartman,
and other kernel developers were found in the wild recently.
> We don't know who is behind this, or what his purpose is. We just know this
> looks very evil.
Search Result of 0x00411886: https://pgp.mit.edu/pks/lookup?search=0x00411886&op=index
Fake Linus Torvalds: 0F6A 1465 32D8 69AE E438 F74B 6211 AA3B [0041 1886]
Real Linus Torvalds: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 [0041 1886]
Search Result of 0x6092693E: https://pgp.mit.edu/pks/lookup?search=0x6092693E&op=index
Fake Greg Kroah-Hartman: 497C 48CE 16B9 26E9 3F49 6301 2736 5DEA [6092 693E]
Real Greg Kroah-Hartman: 647F 2865 4894 E3BD 4571 99BE 38DB BDC8 [6092 693E]
Everyone,
> In short, that cutting a fingerprint in order to get a (32- or 64-bit) short
> key ID is the worst of all worlds, and we should rather target either always
> showing full fingerprints, or not showing it at all
> (and leaving all the crypto-checking bits to be done by the software, as comparing
> 160-bit strings is not natural for us humans). - Gunnar Wolf
DO NOT TRUST ANYTHING SHORTER THAN THE FINGERPRINTS.
[0] http://www.asheesh.org/note/debian/short-key-ids-are-bad-news.html
[1] http://gwolf.org/node/4070
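As an added illustration of the point made in the message (this is not part of the original post), the two Torvalds fingerprints quoted above are run through a check that derives the 32-bit and 64-bit key IDs the way RFC 4880 defines them for v4 keys (the low-order bits of the fingerprint) and accepts nothing shorter than a full fingerprint for comparison. The helper names and the fingerprint format handling are this example's own assumptions.

```python
import hmac
import re

# Constructed from the fingerprints quoted in the message above: a real key and a
# fake key that share the 32-bit short ID 0x00411886 but differ everywhere else.
REAL_TORVALDS = "ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 [0041 1886]"
FAKE_TORVALDS = "0F6A 1465 32D8 69AE E438 F74B 6211 AA3B [0041 1886]"

V4_FINGERPRINT_HEX = 40  # 160-bit SHA-1 fingerprint of an RFC 4880 v4 key


def normalize(fpr: str) -> str:
    """Canonicalise a displayed fingerprint: drop spaces, brackets and an optional
    0x prefix, uppercase the hex digits, and insist on a full v4 fingerprint."""
    hexdigits = re.sub(r"[\s\[\]]", "", fpr)
    if hexdigits[:2].lower() == "0x":
        hexdigits = hexdigits[2:]
    hexdigits = hexdigits.upper()
    if not re.fullmatch(r"[0-9A-F]+", hexdigits):
        raise ValueError("fingerprint is not hexadecimal")
    if len(hexdigits) != V4_FINGERPRINT_HEX:
        # 8- or 16-digit strings are key IDs, not fingerprints: refuse them outright.
        raise ValueError(f"expected {V4_FINGERPRINT_HEX} hex digits, got {len(hexdigits)}")
    return hexdigits


def key_id(fpr: str, bits: int = 64) -> str:
    """Key ID as RFC 4880 derives it for v4 keys: the low-order bits of the
    fingerprint (64 bits for the long ID, 32 bits for the short ID)."""
    if bits not in (32, 64):
        raise ValueError("OpenPGP key IDs are 32 or 64 bits")
    return normalize(fpr)[-bits // 4:]


def same_key(expected: str, candidate: str) -> bool:
    """True only when two full fingerprints match; shorter identifiers are rejected
    by normalize(), so a short-ID collision can never pass this check."""
    return hmac.compare_digest(normalize(expected), normalize(candidate))


def collision_report(a: str, b: str) -> dict:
    """Show at which truncation length two keys stop being distinguishable."""
    return {
        "short_id_match": key_id(a, 32) == key_id(b, 32),
        "long_id_match": key_id(a, 64) == key_id(b, 64),
        "fingerprint_match": same_key(a, b),
    }


if __name__ == "__main__":
    print(collision_report(REAL_TORVALDS, FAKE_TORVALDS))
```

For the two keys above the report shows a short-ID match but no long-ID or fingerprint match, which is exactly why a lookup by 0x00411886 returns both keys.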