[Cryptography] Posting the keys/certs for: Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?

Antonio Sanso asanso at adobe.com
Wed Sep 28 15:12:14 EDT 2016


hi Georgi,

On Sep 28, 2016, at 4:35 PM, Georgi Guninski <guninski at guninski.com> wrote:

> On Wed, Sep 28, 2016 at 12:27:31PM +0300, Georgi Guninski wrote:
>> Posting the keys/certs/private per some requests. The README:
>> 
>> Distinct DSA keys produce valid single signature of single file
>> and the x509 certificates from the private keys work on openssl 1.0.2j
>> 
>> Tested on openssl 1.0.2j (latest and 1.0.1t latest) on Debian 8.
>> 
>> The keys (also private) are attached.
>> 
>> Also at http://j.ludost.net/DSA1.tar.gz
>> 
> 
> [this thread is crossposted to Cryptography and Cypherpunks]
> 
> Isn't there RFC or some document which says what checks should be
> made?
> 
> Last year I bitched:
> 
> RFC-2631, fips 186-3 and openssl's implementation of DSA appear broken (and possibly backdoored)
> 
> https://j.ludost.net/blog/archives/2015/09/05/rfc-2631_fips_186-3_and_openssls_implementation_of_dsa_appear_broken_and_possibly_backdoored/index.html
> https://lists.cpunks.org/pipermail/cypherpunks/2015-September/009007.html
> https://lists.cpunks.org/pipermail/cypherpunks/2015-September/024560.html
> #^ openssl

just saying. Have you seen this http://blog.intothesymmetry.com/2016/01/openssl-key-recovery-attack-on-dh-small.html ?


regards

antonio
