[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] about ECC and collisions
From: |
Jean-Jacques Brucker |
Subject: |
Re: [Sks-devel] about ECC and collisions |
Date: |
Tue, 5 Apr 2011 15:33:03 +0200 |
User-agent: |
KMail/1.12.4 (Linux/2.6.31.14-server-1mnb; KDE/4.3.5; i686; ; ) |
Thanks for all.
I didn't know that fingerprint was calculated with a timestamp. Do you have any
idea of the reason(s) to do that ?
(that change lot of things, and I'd also like to know if there is a way to
query for specific keys).
(thanks for the link but i don't even know the difference between v3 and v4
keys, is there a mechanism to avoid collisions in v4 ?
.... I have to RTFM.)
regards,
--
Jean-Jacques B.
Le lundi 4 avril 2011 19:20:01, Daniel Kahn Gillmor a écrit :
> On 04/04/2011 06:40 AM, Jean-Jacques Brucker wrote:
> > 1- As ECC crypto is soon available in gnupg, I am asking if sks key servers
> > won't have problems managing them.
> >
> > (That is a great feature I am waiting for to use gpg with signing chains)
> >
> > But the ECC curves are smaller than RSA or DSA keys, full collisions have
> > more chances* to occurs (especially for NIST P-256).
> > (*note: maybe more that asteroid-human collisions :-) ).
>
> i'm pretty confused by this claim. a collision in the fingerprint space
> would be pretty devastating to all OpenPGP implementations i know of,
> and the fingerprint space (160 bits) is significantly smaller than
> P-256. I don't think an ECC key collision is worth worrying about.
>
> > 2- I like to know how sks key servers manage 2 identical keys inside
> > different certificates.
> > Is a warning sent to the owners of the same key ?
>
> No SKS keyservers that i know of send any notifications to any
> keyholders. If you want to be alerted about a change in your key, or
> the presence of other keys, you'll need do regular queries yourself.
>
> I also don't know of any way that you can (via HKP) query an SKS
> keyserver for specific matches of key material. You can query by user
> ID and by key fingerprint, but the key fingerprint is computed over a
> digest of a timestamp + the key material. so it's possible to have two
> identical keys with different fingerprints. this makes querying for
> specific keys difficult (though i'd be happy to learn that there was a
> way to do it).
>
> > 3- When key ID collision occurs how to differentiate them with gnupg ? Is
> > there a way to get only one of them from key servers (eg. for key ID
> > A56E15A3, sorry if it's maybe not the place to ask that question).
>
> The gnupg-specific part of this question is probably best asked on the
> gnupg-users list. More generally, you might be interested in the
> discussion started recently by David Shaw on the IETF's OpenPGP WG
> mailing list:
>
> http://www.imc.org/ietf-openpgp/mail-archive/msg10684.html
>
> the short version is: GnuPG's current implementation (as of 1.4.11 and
> 2.0.17) does not deal well with duplicate key IDs. :(
>
> hth,
>
> --dkg
>
>
signature.asc
Description: This is a digitally signed message part.