[cryptography] Duplicate primes in lots of RSA moduli

Florian Weimer fw at deneb.enyo.de
Wed Feb 15 17:22:42 EST 2012


* Tom Ritter:

> Something I found strange in their paper was this quote:
>
> "PGP keys have no expiration dates or hashes. All public keys were
> further analysed as described below." (bottom of page 4)
>
> PGP keys *may* have no expiration date, but they may, and anecdotally
> most I've seen do.  Likewise, nearly all keys have a self-signed UID
> associated with them, and that signature uses a hash algorithm.

The old V3 key format keeps expiration dates directly in the key; most
implementations seem to interpret it as a hard limit.  The V4 key
format has something which the OpenPGP specification calls an
"expiration date", but its not really enforceable because it can be
stripped by an attacker and extended by someone who has access to the
private key, by creating a new self-signature.  In this sense, the
hash algorithm and other algorithm selections are not tied to the key,
either.



More information about the cryptography mailing list