[linux-neuchatel] clé gpg el-Gamal compromisent
Marc SCHAEFER
schaefer at alphanet.ch
Thu Nov 27 19:24:36 CET 2003
On Thu, Nov 27, 2003 at 06:15:18PM +0100, Martial Paupe wrote:
> Les clés el-Gamal sont compromisent !
Pas tout à fait.
Les clés E-Gamal utilisées pour la *signature* sont vulnérables
d'après le lien que tu as donné.
Bien souvent on utilise une clé DSA pour la signature.
Note that the standard keys as generated by GnuPG (DSA and ElGamal
encryption) as well as RSA keys are NOT vulnerable. Note also that
ElGamal signing keys cannot be generated without the use of a special
flag to enable hidden options and even then overriding a warning
message about this key type. See below for details on how to identify
vulnerable keys.
schaefer at defian:~% gpg --list-keys 7F76BFC9
pub 1024D/7F76BFC9 2000-08-05 Marc SCHAEFER (gpg) <schaefer at alphanet.ch>
sub 1024g/B0E56315 2000-08-05
Exemple:
une clé DSA pour la signature, une clé pour le chiffrement (El-Gamal).
> http://marc.theaimsgroup.com/?l=gnupg-announce&m=106992378510843&w=2
I can't tell for sure. According to the keyserver statistics, there
are 848 primary ElGamal signing keys which are affected. These are a
mere 0.04 percent of all primary keys on the keyservers. There are
324 vulnerable subkeys on the keyservers, too.
Apparemment un problème sérieux, mais très marginal dans son impact.
More information about the linux-neuchatel
mailing list