[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 265-1] -- BAD SIGNATURE !?

On Sun, Mar 23, 2003 at 02:34:00PM +0000, Nick Boyce wrote:
> 
> An even more disturbing thought is that in contrast to rejecting 
> signatures that are in fact good, Kmail may validate signatures that 
> are in fact bad ...

 If the problems are happening because something garbles the signature data,
the laws of probability imply that garbling of data is extremely unlikely to
produce a correct signature when there was an incorrect one before.  It
would take time >> age_of_universe (>> means much greater, not a shift op)
with a fast computer (by today's standards, not necessarily tomorrow's) to
forge a sig (with a reasonable key length).  As long as the problems are
with changing what gets fed to gpg, strong crypto makes this a virtual
impossibility.  If there is a problem inverting the sense of the output of
gpg, or anything else after gpg has run, then that is much more serious.

-- 
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug. , ns.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BC
Reply to: