Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?

Sean Lynch seanl at literati.org
Tue Sep 27 10:02:00 PDT 2016


On Tue, Sep 27, 2016 at 8:06 AM, Georgi Guninski <guninski at guninski.com>
wrote:

> On Tue, Sep 27, 2016 at 02:43:48PM +0000, Sean Lynch wrote:
> > > Is this a bug at all?
> > >
> >
> > I think the bug is that openssl is silently ignoring parameters, because
> > I'm pretty sure what you're doing is producing and verifying sha1 hashes,
> > not cryptographic signatures. Which means your keys aren't entering the
> > picture at all.
> > I
> >
>
> No, this is not the case. openssl does the math. I verified both
> signatures in my sage implementation and in python's Crypto.DSA, so math
> is going on, not only hashes.
>
> This fails in the same directory with a random new key:
>
> $ openssl dsaparam 1024 > dsapar ; openssl gendsa dsapar > keyrandom.priv ; openssl dsa -in keyrandom.priv -pubout -out keyrandom.pub
> $ openssl dgst -sha1 -verify keyrandom.pub -signature file.txt.sig file.txt
> Verification Failure
>
>
My apologies. I was on my phone so didn't have ready access to the dgst
manpage. That does seem very strange.