Great paper! Thanks! From the paper: > However when trying to calculate the private keys it turns out most > of these results aren't real signatures.
I was under the impression that SKS verified signature packets both during upload and during gossip. If so, how did invalid or corrupt signature packets make it into the database? Do you have a count of the total number of invalid signature packets? Daniel On Sun, Mar 22, 2015 at 4:58 AM, Hanno Böck <ha...@hboeck.de> wrote: > Hi, > > I think this could be interesting for a couple of people: > > I had a project running in private for quite a while, I now published > the details: I wrote a script that analyzes the dumps from key servers > and puts the crypto values into a mysql database. > > This can be used to search for vulnerable keys or signatures on large > scale. I did this for two potential threats: DSA signatures with > duplicate k values and RSA keys with shared factors. > > The overall result is a good one: It seems OpenPGP implementations with > completely broken random number generators exist, but they are a rare > thing. > > Code: > https://github.com/hannob/pgpecosystem > > Background paper: > http://eprint.iacr.org/2015/262 > > cu, > -- > Hanno Böck > http://hboeck.de/ > > mail/jabber: ha...@hboeck.de > GPG: BBB51E42 > > _______________________________________________ > Sks-devel mailing list > Sks-devel@nongnu.org > https://lists.nongnu.org/mailman/listinfo/sks-devel > _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel