
posted by takyon on Monday August 15 2016, @01:45PM
from the keys-to-the-kingdom dept.

Enrico Zini wrote:

There are currently at least 3 ways to refer to a GPG key: short key ID (last 8 hex digits of the fingerprint), long key ID (last 16 hex digits) and full fingerprint. The short key ID used to be popular, and for 5 years it has been known that it is computationally easy to generate a GnuPG key with an arbitrary short key ID.

LWN.net wrote on June 3, 2016:

Gunnar Wolf urges developers to stop using "short" PGP key IDs as soon as possible. The impetus for the advice originates with Debian's Enrico Zini, who recently found two keys sharing the same short ID in the wild.

After contacting the owner, it turned out that one of the keys was a fake. In addition, the fake keys were labelled with the same names, emails, and even signatures created by more fake keys. Weeks later, more developers found their fake "mirror" keys on the keyserver, including the PGP Global Directory Verification Key. Gunnar Wolf wrote:

We don't know who is behind this, or what his purpose is. We just know this looks very evil. [...] In short, that cutting a fingerprint in order to get a (32- or 64-bit) short key ID is the worst of all worlds, and we should rather target either always showing full fingerprints, or not showing it at all (and leaving all the crypto-checking bits to be done by the software, as comparing 160-bit strings is not natural for us humans).

Now a fake key of Linus Torvalds (fake: 0x6211aa3b00411886, real: 0x79be3e4300411886) has been found in the wild; scroll the page and you'll see two. It looked like every single key from the Linux kernel community had been forged successfully; another example is Greg Kroah-Hartman (fake: 0x27365dea6092693e, real: 0x38dbbdc86092693e). LWN reader "rmayr" commented:

so it seems somebody is actually constructing a database of fake keypairs with "well-known" short IDs. Something is going on here...
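As an added illustration (not part of the story and not code from any of the quoted authors), the following Python groups key references by their 32-bit short ID and flags every short ID that more than one long ID claims, using the fake/real pairs quoted above as constructed sample input. The `resolve` helper shows why a short ID is unsafe as a selector: handed `00411886`, it returns both the real and the fake Torvalds key. Function names and the sample list are my own assumptions.

```python
"""Short-ID collision check over a list of PGP key references (added example)."""
import re
from collections import defaultdict

# Constructed sample list. The four labelled pairs are the fake/real long key IDs
# quoted in the story above; the last entry is a made-up ID that collides with nothing.
SAMPLE_KEYS = [
    ("Linus Torvalds (real)", "0x79be3e4300411886"),
    ("Linus Torvalds (fake)", "0x6211aa3b00411886"),
    ("Greg Kroah-Hartman (real)", "0x38dbbdc86092693e"),
    ("Greg Kroah-Hartman (fake)", "0x27365dea6092693e"),
    ("example user (constructed)", "0x0123456789abcdef"),
]

_HEX_RE = re.compile(r"^(?:0x)?([0-9a-fA-F]+)$")
# Accepted lengths in hex digits: short ID (32 bits), long ID (64 bits), full fingerprint (160 bits)
_VALID_LENGTHS = {8: "short", 16: "long", 40: "fingerprint"}


def normalize(key_ref):
    """Strip spaces and an optional 0x prefix, lower-case, and validate the length."""
    m = _HEX_RE.match(key_ref.replace(" ", ""))
    if not m or len(m.group(1)) not in _VALID_LENGTHS:
        raise ValueError(f"not a PGP key ID or fingerprint: {key_ref!r}")
    return m.group(1).lower()


def kind(key_ref):
    """Classify a reference as 'short', 'long' or 'fingerprint' by its length."""
    return _VALID_LENGTHS[len(normalize(key_ref))]


def short_id(key_ref):
    """Last 8 hex digits of the reference (the 32-bit short key ID)."""
    return normalize(key_ref)[-8:]


def long_id(key_ref):
    """Last 16 hex digits (the 64-bit long key ID); a short ID carries too little to widen."""
    h = normalize(key_ref)
    if len(h) < 16:
        raise ValueError("cannot derive a long key ID from a short key ID")
    return h[-16:]


def find_short_id_collisions(keys):
    """Map each short ID to the (label, long_id) entries sharing it, keeping only
    short IDs claimed by more than one distinct long ID."""
    groups = defaultdict(list)
    for label, ref in keys:
        groups[short_id(ref)].append((label, long_id(ref)))
    return {sid: members for sid, members in groups.items()
            if len({lid for _, lid in members}) > 1}


def resolve(key_ref, keys):
    """Return every key in `keys` whose ID ends with `key_ref`. A short ID that
    returns more than one match is ambiguous and must not be used to pick a key."""
    suffix = normalize(key_ref)
    return [(label, long_id(ref)) for label, ref in keys
            if normalize(ref).endswith(suffix)]


if __name__ == "__main__":
    for sid, members in sorted(find_short_id_collisions(SAMPLE_KEYS).items()):
        print(f"short ID {sid} is claimed by {len(members)} keys:")
        for label, lid in members:
            print(f"    {lid}  {label}")
```

Run over a real keyring you would feed it the fingerprints from `gpg --fingerprint` instead of the constructed list; the check is the same, and any short ID that resolves to more than one entry is one you should never type into a signing or verification command.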

  • (Score: 3, Interesting) by FatPhil on Monday August 15 2016, @03:16PM

    by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Monday August 15 2016, @03:16PM (#388206) Homepage
    It would be interesting to see how big this taint spreads. Sign the real linus key with god's key, carrying infinite trust, and the fake linus key with satan's key, with infinite distrust, and let's see if any nodes in the graph end up ambiguously weighted.

    I don't know if I'd be more surprised by there being two discrete cliques, or if there was an overlap - the possibility of someone at the fringes being duped by a fraud isn't that bizarre. NSA bods attend FLOSSy conferences all the time, I'm sure.

    I wanna know where these fake keys have actually been used in the wild - was it just an academic exercise, or has there been some concrete malice yet?
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
  • (Score: 3, Interesting) by FatPhil on Monday August 15 2016, @03:42PM

    by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Monday August 15 2016, @03:42PM (#388216) Homepage
    I IRC with a dozen or so people in Linus' web of trust, and one of them has proffered:

    18:35 <[elided]> FatPhil: the 2014-08-05 keys are from the evil32 experiment

    So these are all well known, and not malicious as such, exactly as foreseen in 2011.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves