Adding a nonce before hashing as covert channel

Andrew Gallagher andrewg at andrewg.com
Tue Dec 17 16:19:29 CET 2024


On 17 Dec 2024, at 13:40, James Bottomley <James.Bottomley at HansenPartnership.com> wrote:

> I admit, since you would most
> need to execute this over the lifetime of a key and store as many
> signatures as you can, that it's a nation state type of attack rather
> than a quick hacker infiltration one.  But these are also the types of
> attack we need to guard against.

The type of attack that you’re describing appears at first glance to have no better probability of success than random chance. If you could calculate how much better than random such a method might be, it would help us all understand how seriously to take the possibility. But even if it were worth considering, adding random salt would be expected to *decrease* the chances of a digest collision, so it would be an argument *for* salting.

A
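As an added illustration (not part of the original thread or of GnuPG's code), a toy demonstration of the last point above: a digest collision found against an unsalted hash does not survive a signer-chosen random salt prepended before hashing. The 24-bit truncation is a constructed toy so that the birthday search finishes in seconds; it stands in for a full-width digest where no such collision is known.

```python
"""Toy demonstration: a random salt chosen by the signer and prefixed to the
message before hashing invalidates any pre-computed digest collision.
The hash is deliberately truncated to 24 bits (a constructed toy width) so a
collision can be found offline quickly; real digests are 256 bits or more."""
import hashlib
import secrets

DIGEST_BITS = 24  # constructed toy width, NOT a real-world parameter


def toy_digest(data: bytes) -> bytes:
    """SHA-256 truncated to DIGEST_BITS so that collisions are cheap to find."""
    return hashlib.sha256(data).digest()[: DIGEST_BITS // 8]


def find_collision(prefix: bytes = b"msg-") -> tuple[bytes, bytes]:
    """Birthday search: two distinct messages with equal UNSALTED digest.

    Expected cost is about 2**(DIGEST_BITS/2) hash evaluations.
    """
    seen: dict[bytes, bytes] = {}
    counter = 0
    while True:
        m = prefix + counter.to_bytes(4, "big")
        d = toy_digest(m)
        if d in seen:
            return seen[d], m  # seen[d] != m because counter values differ
        seen[d] = m
        counter += 1


def salted_digest(salt: bytes, data: bytes) -> bytes:
    """Signer prepends a fresh random salt, then hashes (salt || message)."""
    return toy_digest(salt + data)


def collisions_surviving_salt(m1: bytes, m2: bytes, trials: int = 1000) -> int:
    """Count how many signer-chosen random salts still make m1 and m2 collide.

    The attacker fixed m1 and m2 without knowing the salt, so each trial
    collides only with probability about 2**-DIGEST_BITS: the pre-computed
    collision is worthless against a salted signature.
    """
    hits = 0
    for _ in range(trials):
        salt = secrets.token_bytes(16)
        if salted_digest(salt, m1) == salted_digest(salt, m2):
            hits += 1
    return hits
```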


