Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
- To: Sean Lynch <[email protected]>
- Subject: Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
- From: guninski at guninski.com (Georgi Guninski)
- Date: Tue, 27 Sep 2016 18:06:40 +0300
- Cc: [email protected]
- In-reply-to: <CAHKdp-=rXcGWs=Bv_ObHKotHK5T0zSme5R_52yDkv+tUEPH=ww@mail.gmail.com>
- References: <[email protected]$> <CAHKdp-=rXcGWs=Bv_ObHKotHK5T0zSme5R_52yDkv+tUEPH=ww@mail.gmail.com>
On Tue, Sep 27, 2016 at 02:43:48PM +0000, Sean Lynch wrote:
> > Is this a bug at all?
> >
>
> I think the bug is that openssl is silently ignoring parameters, because
> I'm pretty sure what you're doing is producing and verifying sha1 hashes,
> not cryptographic signatures. Which means your keys aren't entering the
> picture at all.
> I
>
No, this is not the case. openssl does the math. I verified both
signatures in my sage implementation and in python's Crypto.DSA, so math
is going on, not only hashes.
This fails in the same directory with a random new key:
$ openssl dsaparam 1024 > dsapar ; openssl gendsa dsapar > keyrandom.priv ; openssl dsa -in keyrandom.priv -pubout -out keyrandom.pub
$ openssl dgst -sha1 -verify keyrandom.pub -signature file.txt.sig file.txt
Verification Failure