Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
John Newman
jnn at synfin.org
Tue Sep 27 10:40:01 PDT 2016
On Tue, Sep 27, 2016 at 06:06:40PM +0300, Georgi Guninski wrote:
> On Tue, Sep 27, 2016 at 02:43:48PM +0000, Sean Lynch wrote:
> > > Is this a bug at all?
> > >
> >
> > I think the bug is that openssl is silently ignoring parameters, because
> > I'm pretty sure what you're doing is producing and verifying sha1 hashes,
> > not cryptographic signatures. Which means your keys aren't entering the
> > picture at all.
> > I
> >
>
> No, this is not the case. openssl do the math. I verified both
> signatures in my sage implementation and in python's Crypto.DSA, so math
> is going on, not only hashes.
>
> This fails in the same directory with a random new key:
>
> $ openssl dsaparam 1024 > dsapar ; openssl gendsa dsapar > keyrandom.priv ; openssl dsa -in keyrandom.priv -pubout -out keyrandom.pub
> $ openssl dgst -sha1 -verify keyrandom.pub -signature file.txt.sig file.txt
> Verification Failure
Yeah, I emailed too soon... Thats what I got too.
John
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20160927/aa36bcf1/attachment.sig>
More information about the cypherpunks
mailing list