[Cryptography] How to prove Wikileaks' emails aren't altered

John Levine johnl at iecc.com
Mon Oct 24 18:06:19 EDT 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>This means we can indeed validate most of the Wikileaks leaked 
>>DNC/Clinton/Podesta emails.  There are many ways to do this, 
>>but the easiest is to ...

 ... download the messages from Wikileaks and run them through one of
the open source perl or python DKIM scripts.  I did that on a couple
of messages referenced in articles (e.g., the one that said Tim Kaine
was picked a year ago) and yes, the signatures are good.

>How easy would it be for a nation-state attacker to modify these 
>signatures?

Pretty hard.  Slightly oversimplified, DKIM makes a SHA-256 hash of
the message body, then another SHA-256 hash of the interesting
headers, one of which includes the body hash, and then puts an RSA
signed version of that second hash in the signature.  

The verification key is in the DNS.  Gmail's DKIM keys are not DNSSEC
signed, but since the key used for the gmail-to-gmail messages is the
same one that has been used for hundreds of billions of other outgoing
gmail messages over the past four years, it'd be pretty obvious if
someone changed it.

If you're wondering about the details, see RFC 6376.

R's,
John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlgOhfAACgkQkEiFRdeC/kUIswCffYz3gBn1f02wpQbBeXi9UL5b
4P0An3QyQ+5f2gwcQoqMM7hUhmSVESOK
=Xz6O
-----END PGP SIGNATURE-----
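
The hash chain described in the message above, as an added example that is not part of the original post or of any DKIM library: relaxed canonicalization, body hash, header hash and RSA signature following RFC 6376, simplified. The toy key (two Mersenne primes), the example.org message, the `demo` selector and all function names are constructed for illustration; a real verifier fetches the key from DNS and parses the tag list fully.

```python
import base64, hashlib, re
# Constructed toy RSA key built from two Mersenne primes: demo only, insecure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8
DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")  # SHA-256

# Constructed sample message (headers keyed by lowercase name).
HEADERS = {b"from": b" Alice <alice@example.org>", b"subject": b" Lunch  plans"}
BODY = b"See you at noon.  \r\n\r\n"

def canon_body(body):
    # Relaxed body canonicalization: collapse whitespace, drop trailing blank lines.
    lines = [re.sub(rb"[ \t]+", b" ", l).rstrip(b" ") for l in body.split(b"\r\n")]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"".join(l + b"\r\n" for l in lines)

def canon_header(name, value):
    # Relaxed header canonicalization: lowercase name, unfold, collapse whitespace.
    value = re.sub(rb"[ \t]+", b" ", value.replace(b"\r\n", b"")).strip(b" ")
    return name.lower() + b":" + value

def body_hash(body):
    return base64.b64encode(hashlib.sha256(canon_body(body)).digest())

def header_digest(headers, signed, stub):
    # Second hash: the signed headers, then DKIM-Signature itself with b= left empty.
    data = b"".join(canon_header(n, headers[n]) + b"\r\n" for n in signed)
    return hashlib.sha256(data + canon_header(b"DKIM-Signature", stub)).digest()

def emsa(digest):  # EMSA-PKCS1-v1_5 padding, as used by rsa-sha256
    t = DIGESTINFO + digest
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign(headers, body, signed=(b"from", b"subject")):
    stub = (b"v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org; s=demo; h="
            + b":".join(signed) + b"; bh=" + body_hash(body) + b"; b=")
    m = int.from_bytes(emsa(header_digest(headers, signed, stub)), "big")
    return stub + base64.b64encode(pow(m, D, N).to_bytes(K, "big"))

def verify(headers, body, sig):
    stub, sep, b = sig.rpartition(b"; b=")
    signed = re.search(rb"; h=([^;]+)", stub).group(1).split(b":")
    if re.search(rb"; bh=([^;]+)", stub).group(1) != body_hash(body):
        return "body hash mismatch"
    em = pow(int.from_bytes(base64.b64decode(b), "big"), E, N).to_bytes(K, "big")
    ok = em == emsa(header_digest(headers, signed, stub + sep))
    return "pass" if ok else "signature mismatch"
```

Because `bh=` sits inside the signed DKIM-Signature header, replacing the body and recomputing `bh=` still fails at the RSA check unless the private key is available.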
