Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
Georgi Guninski
guninski at guninski.com
Tue Sep 27 08:06:40 PDT 2016
On Tue, Sep 27, 2016 at 02:43:48PM +0000, Sean Lynch wrote:
> > Is this a bug at all?
> >
>
> I think the bug is that openssl is silently ignoring parameters, because
> I'm pretty sure what you're doing is producing and verifying sha1 hashes,
> not cryptographic signatures. Which means your keys aren't entering the
> picture at all.
> I
>
No, this is not the case. openssl do the math. I verified both
signatures in my sage implementation and in python's Crypto.DSA, so math
is going on, not only hashes.
This fails in the same directory with a random new key:
$ openssl dsaparam 1024 > dsapar ; openssl gendsa dsapar > keyrandom.priv ; openssl dsa -in keyrandom.priv -pubout -out keyrandom.pub
$ openssl dgst -sha1 -verify keyrandom.pub -signature file.txt.sig file.txt
Verification Failure
More information about the cypherpunks
mailing list