On Fri, Jul 01, 2016 at 08:11:20PM -0700, Rayzer wrote:
Waiting for Juan to tell us how compromised gpg is and that you're a fed if you question his (snigger) authority.
===== https://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html Thu Nov 27 09:29:51 CET 2003 GnuPG's ElGamal signing keys compromised Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds. ====== Do you mean to see more like this from gpg? IIRC gpg used small number, to save picoseconds in computations and the attack fucked them with lattice reduction in nanoseconds... Not to mention the compatibility with pgp 0.0001, which makes keyid collisions trivial (the ubuntu comrades suffered from this few times).