[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?

To: [email protected]
Subject: Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
From: grarpamp at gmail.com (grarpamp)
Date: Tue, 27 Sep 2016 22:56:56 -0400
In-reply-to: <[email protected]$>
References: <[email protected]$>

On Tue, Sep 27, 2016 at 5:21 AM, Georgi Guninski <guninski at guninski.com> wrote:
> I generated them with a proggie

What proggie?

> $ openssl dgst -sha1 -verify key1.pub -signature file.txt.sig file.txt ; openssl dgst -sha1 -verify key2.pub -signature file.txt.sig file.txt

Can't verify without all your files posted.

> Is this theoretical weakness in openessl 1.0.1t?
> Is this a bug at all?

In other news, openssl just released another pile of CVE's.

References:
- Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
  - From: guninski at guninski.com (Georgi Guninski)

Prev by Date: Fwd: [NATURAL_DEFENCE] Fight the Surveillance State on Local Level
Next by Date: DDoS Of Things -
Previous by thread: Posting the keys/certs for: Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
Next by thread: Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
Index(es):
- Date
- Thread