undefined | Better HN

0 pointsbjornsing6y ago0 comments

> It means if someone you want to impersonate uses the Web Of Trust, i.e. their key is signed by other people whose keys have been signed the same way, you can generate a GPG key for which all of these signatures are still valid.

No...

> For example, if an attacker gains access to a victim email account, they could send to their contacts a "trusted" key (as explained above) and then use it to send signed documents to the victim's contacts.

Ok... But in this scenario the attacker has the victim’s new private key, so they don’t need to create a collision (using OP). They can just use the new private key to sign the documents. Right?

0 comments

2 comments · 1 top-level

_notreallyme_6y ago· 1 in thread

> No...

Why ?

> in this scenario the attacker has the victim’s new private key

You don't want to keep your private key in cleartext on your email provider servers, do you ?

makomk6y ago

This allows you to take two messages and append some data to both of them which causes the modified versions to have the same SHA-1 hash - but you need to modify both messages, and in order to use this in an attack you need to set up a scenario where the SHA-1 hash of one of your modified messages is trusted for some purpose. Creating a message with the same hash as another, existing message requires a second-preimage attack which is much harder and not feasible for any cryptographic hash that's currently in use.

j / k navigate · click thread line to collapse