[Cryptography] Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?

Georgi Guninski guninski at guninski.com
Tue Sep 27 05:20:29 EDT 2016


Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?

I have two distinct DSA keys k_1 and k_2; the p_i are distinct 1024-bit
primes and the q_i are 160-bit primes (they can easily be made larger).
The other parameters of the keys are distinct, counting congruences.

On openssl 1.0.1t they produce exactly the same signature on a file:

$ openssl dgst -sha1 -verify key1.pub -signature file.txt.sig file.txt ; openssl dgst -sha1 -verify key2.pub -signature file.txt.sig file.txt
Verified OK
Verified OK

In addition I created with them two valid self signed x509 certificates.

The key owners can claim the other one made the signature,
which appears to be a crypto repudiation issue.

How to try the signatures in other scenarios?

Is this known?

Is this a theoretical weakness in openssl 1.0.1t?

Is this a bug at all?
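
The property behind the question is visible in the DSA verification equation itself: every quantity the verifier uses (p, q, g, y) comes from whichever key it is handed, and the signature (r, s) carries nothing that names the signer. The following is an added example, not code from the post or from OpenSSL: a small textbook DSA in pure Python with simplified FIPS 186-style parameter generation (64-bit q, 128-bit p, chosen for speed and not secure), plus two defender-side checks. `verify_pinned` fixes the acceptable key before doing the math, and `sign_committed`/`verify_committed` hash a fingerprint of (p, q, g, y) into the signed bytes, in the spirit of key-prefixed schemes such as Ed25519, so a signature can only be checked against the key it was made under. The seeds, fingerprint encoding and deterministic nonce derivation are constructed for this example (the nonce scheme is not RFC 6979).

```python
"""Toy textbook DSA plus a key-committing variant.

Added example (not code from the original post or from OpenSSL). It
shows why the DSA verification equation alone does not bind a
signature to a signer: the verifier takes (p, q, g, y) from the key it
is handed, so the check must fix which key is acceptable first, or the
key must be hashed into the signed message. Sizes (64-bit q, 128-bit p)
are constructed for speed and are NOT secure.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Params:
    p: int
    q: int
    g: int


@dataclass(frozen=True)
class PublicKey:
    params: Params
    y: int

    def fingerprint(self) -> bytes:
        # Constructed encoding that commits to every verification input.
        fields = (self.params.p, self.params.q, self.params.g, self.y)
        return hashlib.sha256("|".join(map(str, fields)).encode()).digest()


_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with 12 fixed bases; adequate for the demo sizes used here."""
    if n < 2:
        return False
    for b in _BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_params(seed: bytes, qbits: int = 64, pbits: int = 128) -> Params:
    """Simplified FIPS 186-style search: prime q, prime p = k*q + 1, g of order q."""
    ctr = 0
    while True:  # derive odd qbits-bit candidates from the seed until one is prime
        digest = hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        q = (int.from_bytes(digest, "big") % (1 << qbits)) | (1 << (qbits - 1)) | 1
        ctr += 1
        if is_probable_prime(q):
            break
    k = (1 << (pbits - 1)) // q
    k += k % 2  # even k keeps p = k*q + 1 odd
    while not is_probable_prime(k * q + 1):
        k += 2
    p = k * q + 1
    h = 2  # any h with h^((p-1)/q) != 1 gives a generator of the order-q subgroup
    while pow(h, (p - 1) // q, p) == 1:
        h += 1
    return Params(p, q, pow(h, (p - 1) // q, p))


def hash_to_int(msg: bytes, q: int) -> int:
    """Leftmost bit_length(q) bits of SHA-256, as FIPS 186 truncates the hash."""
    digest = hashlib.sha256(msg).digest()
    return int.from_bytes(digest, "big") >> (256 - q.bit_length())


def keygen(params: Params, seed: bytes):
    """Constructed: private x is derived from a seed so runs are reproducible."""
    x = int.from_bytes(hashlib.sha256(b"x" + seed).digest(), "big") % (params.q - 1) + 1
    return x, PublicKey(params, pow(params.g, x, params.p))


def sign(x: int, params: Params, msg: bytes):
    p, q, g = params.p, params.q, params.g
    z = hash_to_int(msg, q)
    ctr = 0
    while True:
        # Deterministic nonce from (x, z, counter): simplified, not RFC 6979.
        seed = b"k" + x.to_bytes(16, "big") + z.to_bytes(32, "big") + ctr.to_bytes(4, "big")
        k = int.from_bytes(hashlib.sha256(seed).digest(), "big") % (q - 1) + 1
        r = pow(g, k, p) % q
        s = (pow(k, -1, q) * (z + x * r)) % q
        if r and s:
            return r, s
        ctr += 1


def verify(pub: PublicKey, msg: bytes, sig) -> bool:
    """Textbook check: every quantity comes from `pub`; nothing names the signer."""
    p, q, g = pub.params.p, pub.params.q, pub.params.g
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    u1 = (hash_to_int(msg, q) * w) % q
    u2 = (r * w) % q
    v = (pow(g, u1, p) * pow(pub.y, u2, p) % p) % q
    return v == r


def sign_committed(x: int, pub: PublicKey, msg: bytes):
    """Key-prefixed hashing: the signed bytes include the signer's own key."""
    return sign(x, pub.params, pub.fingerprint() + msg)


def verify_committed(pub: PublicKey, msg: bytes, sig) -> bool:
    return verify(pub, pub.fingerprint() + msg, sig)


def verify_pinned(pub: PublicKey, expected_fp: bytes, msg: bytes, sig) -> bool:
    """Application-level binding: fix the acceptable key first, then check the math."""
    return pub.fingerprint() == expected_fp and verify(pub, msg, sig)
```

The useful contrast for the scenario in the post is between `verify`, which answers only "does this (r, s) satisfy the equation for the key I was given", and `verify_pinned`/`verify_committed`, which additionally tie the answer to one specific (p, q, g, y). A verifier that accepts any key presented alongside a signature, as `openssl dgst -verify` does with whatever `key1.pub` or `key2.pub` it is passed, is making the first kind of check; identity binding has to come from the certificate chain or from a pinned fingerprint, not from the DSA equation.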
