ROCA detection in GnuPG
Francois Grieu
fgrieu at gmail.com
Tue Oct 17 16:33:59 CEST 2017
Werner Koch <wk at gnupg.org> wrote:
> Over at gnupg-verein, Phil asked whether it would make sense to
> have an auto-detection of ROCA affected keys in GnuPG.
The ROCA test can have false positives, with probability 1/238878720
that a perfectly fine RSA key raise alarm. See details at
https://crypto.stackexchange.com/questions/52292/what-is-fast-prime
This is low enough that it will seldom happen by chance, but on the other
hand it is very possible to intentionally make a (secure) key that raise this
alarm, just for the nastiness of it.
Francois Grieu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20171017/8a5d45a0/attachment.html>
More information about the Gnupg-devel
mailing list