Public bug reported: Signatures are smaller, and do not use problematic RSA-PKCS#1.5 padding.
(SHA-2 standard) SHA512 is also very problematic, because it has no protection against length extension attacks anymore. Upgrade to SHA3-512 as used by snap assertions, and is of the same length & same security bits as current scheme. ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2037741 Title: Improve kernel module signing strength Status in linux package in Ubuntu: Incomplete Bug description: Signatures are smaller, and do not use problematic RSA-PKCS#1.5 padding. (SHA-2 standard) SHA512 is also very problematic, because it has no protection against length extension attacks anymore. Upgrade to SHA3-512 as used by snap assertions, and is of the same length & same security bits as current scheme. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2037741/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp