Bruce Walzer wrote on 2024-12-05:
> What is the actual issue here?

Extremely simplified:

Attacker makes many good documents and many bad documents until he finds a collision. See https://shattered.io

Attacker takes the good document and the bad document with the same hash.

Attacker asks victim to sign the good document. Victim does so.

Attacker combines the signature with the bad document.

So the attacker can "prove" that the victim has signed the bad document.

Conclusion: Never use SHA-1 for new signatures. Emit a warning for existing SHA-1 signatures.

Kind regards
--
Rainer Perske
System Services + Head of the Certification Authority (UCAM)
--
Universität Münster
CIT - Center for Information Technology
Rainer Perske, System Services
Röntgenstraße 7-13, Room 006
48149 Münster
Tel.: +49 251 83-31582
E-Mail: rainer.per...@uni-muenster.de
Website: www.uni-muenster.de/IT

University Certification Authority Münster (UCAM):
Tel.: +49 251 83-31590
E-Mail: c...@uni-muenster.de
WWW: www.uni-muenster.de/CA

YouTube: youtube.com/@uni_muenster
Instagram: instagram.com/uni_muenster
LinkedIn: linkedin.com/school/university-of-muenster
Facebook: facebook.com/unimuenster
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-devel
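
The hash-then-sign weakness described in the message above, as an added example that is not part of the original post: a signature covers only the digest, so two documents with the same digest share one signature. SHA-256 truncated to 24 bits stands in for a hash with practical collisions and an HMAC stands in for the victim's signature; both are assumptions, as are all names and the constructed sample documents.

```python
import hashlib
import hmac
import itertools

# Assumption: constructed key; an HMAC stands in for the victim's private-key signature.
VICTIM_KEY = b"constructed-victim-signing-key"


def weak_digest(doc: bytes) -> bytes:
    """Toy collision-prone hash: SHA-256 cut to 24 bits (stand-in for a broken hash)."""
    return hashlib.sha256(doc).digest()[:3]


def strong_digest(doc: bytes) -> bytes:
    """Full SHA-256, for which no collisions are known."""
    return hashlib.sha256(doc).digest()


def sign(doc: bytes, digest) -> bytes:
    """Hash-then-sign: only digest(doc) is signed, never the document itself."""
    return hmac.new(VICTIM_KEY, digest(doc), hashlib.sha256).digest()


def verify(doc: bytes, sig: bytes, digest) -> bool:
    return hmac.compare_digest(sign(doc, digest), sig)


def find_colliding_pair():
    """Vary a reference number in good and bad documents until two weak digests match."""
    seen = {}  # weak digest -> good document (constructed sample text)
    for i in itertools.count():
        good = b"I owe Bob 10 EUR. ref=%d" % i
        seen[weak_digest(good)] = good
        bad = b"I owe Bob 10000 EUR. ref=%d" % i
        if weak_digest(bad) in seen:
            return seen[weak_digest(bad)], bad


def demo() -> dict:
    good, bad = find_colliding_pair()
    return {
        # Signature made over the good document also verifies for the bad one.
        "weak_sig_accepts_bad": verify(bad, sign(good, weak_digest), weak_digest),
        # With a collision-resistant digest the same transfer fails.
        "strong_sig_accepts_bad": verify(bad, sign(good, strong_digest), strong_digest),
    }


if __name__ == "__main__":
    print(demo())
```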