On 2/23/2017 at 4:52 PM, si...@web.de wrote:... Not sure about you but I am not able to see the difference between a valid pgp key and "gibberish" ;) ...
===== In the example of the 2 pdf's, they started with one pdf, made another pdf, then multiple (more than billions) trials of adding a string to the second pdf so that it hashes to the first. With regard to generating a new key that hashes to a known specific key, the forger must do 2 things simultaneously; [1] generating new key material [2] seeing that the hashed fingerprint of the new key matches that of the first key The forger does not start with a newly generated key and add material so that the hash would match the first key (the case of the pdf's). If that were the case, then the key system would be broken now for the SHA1 hash. Even for v3 keys, which were not SHA1 hashed, the only way to generate a new key with the same fingerprint, would be to allow the key size to vary (usually to a bizarre key size that would be quite suspect, and not believed). Now, for a V4 key with an SHA1 hash, and a further restriction that the forged key size be the same as the first key, this is not known to be doable day, even with the google cloud computer sharing efforts, and the breakthrough of finding pdf's with the same hash. Again, I fully support moving to a secure hash, but I do think that users have more than enough time until the open-pgp group issues the official standard. vedaal
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users