[Cryptography] Posting the keys/certs for: Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
Georgi Guninski
guninski at guninski.com
Thu Sep 29 03:56:41 EDT 2016
On Wed, Sep 28, 2016 at 10:44:30PM -0700, Ron Garret wrote:
>
> On Sep 28, 2016, at 9:32 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
>
> > Ron Garret <ron at flownet.com> writes:
> >
> >> In this case the fix is trivial: add a line of code that rejects any key
> >> whose multiplicative order is too small.
> >
> > Isn't this a bit like saying that the fix for Linux kernel bugs is also
> > trivial: Wherever there's a kernel bug, add a line of code that fixes it.
> >
> > (Evaluating multiplicative orders, from a quick look at Bach & Shallit's
> > "Algorithmic Number Theory", isn't exactly a one-liner).
>
Exactly, especially when there are other subtleties in the openssl
mess...
> Not everything requires bringing out the big number theoretic guns. Here is one of the keys in question:
>
> Private-Key: (1024 bit)
> pub: 1 (0x1)
> G: 1 (0x1)
So what contradicts this?
It works fine on latest openssl :)
Would you comment on key4 and key5?
More information about the cryptography
mailing list