[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] crypto features and 1.2preX
From: |
Florian Weimer |
Subject: |
Re: [Gnu-arch-users] crypto features and 1.2preX |
Date: |
Wed, 7 Jan 2004 05:26:41 +0100 |
User-agent: |
Mutt/1.5.4i |
Brian May wrote:
> 1. I have heard, from other mailing lists, that it is feasible to
> alter a file *and* *its* length* in such a way that it will produce
> exactly the same MD5 Checksum. The moral of the story was you can't
> rely on the MD5 checksum by itself, you need the MD5Sum + Length of
> the data.
As far as I know, this problem is specific to the old version 3 public
key format of OpenPGP. In this case, two values are concatenated, and a
single hash is computed over that concatenation, so it's possible to
alter the boundary between the two values.
> Here, the signature is made with my key, but tla doesn't realize that
> the creator field was forged.
This has to be handled in the signature verification script. You
probably want to use a separate keyring and disable the web-of-trust
mechanism (after checking key validity manually).