From <>
Subject: Fake Linus Torvalds' Key Found in the Wild, No More Short-IDs.
Date: Mon, 15 Aug 2016 15:34:01 +0000 (UTC)

It has been well known that PGP is vulnerable to short-ID collisions,
and many experiments have been done to demonstrate that. [0]

Nevertheless, real attacks started in June: some developers found
fake keys in the wild, on the keyservers, carrying their name and email and
even "the same" fake signatures made by further fake keys. [1]

All these keys have the same short-IDs, created by collision attacks, which
led to some discussion about the danger of short-IDs. It is worth
mentioning this issue again now, since fake keys for Linus Torvalds, Greg Kroah-Hartman,
and other kernel developers have recently been found in the wild.

> We don't know who is behind this, or what his purpose is. We just know this
> looks very evil.

Search result for 0x00411886: https://pgp.mit.edu/pks/lookup?search=0x00411886&op=index
Fake Linus Torvalds: 0F6A 1465 32D8 69AE E438 F74B 6211 AA3B [0041 1886]
Real Linus Torvalds: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 [0041 1886]

Search result for 0x6092693E: https://pgp.mit.edu/pks/lookup?search=0x6092693E&op=index
Fake Greg Kroah-Hartman: 497C 48CE 16B9 26E9 3F49 6301 2736 5DEA [6092 693E]
Real Greg Kroah-Hartman: 647F 2865 4894 E3BD 4571 99BE 38DB BDC8 [6092 693E]

Everyone,

> In short, that cutting a fingerprint in order to get a (32- or 64-bit) short
> key ID is the worst of all worlds, and we should rather target either always
> showing full fingerprints, or not showing it at all
> (and leaving all the crypto-checking bits to be done by the software, as comparing
> 160-bit strings is not natural for us humans). - Gunnar Wolf

DO NOT TRUST ANYTHING SHORTER THAN THE FINGERPRINTS.
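
As an added example (not part of the original post), the Python below takes the four fingerprints quoted above and derives the 32-bit short ID and 64-bit long ID the way OpenPGP v4 defines them (the low-order bytes of the SHA-1 fingerprint), then shows that each fake/real pair collides on the short ID but not on the long ID, and that only a full-fingerprint comparison tells them apart; the function names are the example's own.

```python
# Added example: derive OpenPGP v4 key IDs from the fingerprints quoted in the
# post and check which identifier lengths let the fake and real keys collide.
from typing import Callable, Dict, List

# Fingerprints exactly as listed in the post (bracketed short ID included).
FINGERPRINTS: Dict[str, str] = {
    "fake Linus Torvalds":     "0F6A 1465 32D8 69AE E438 F74B 6211 AA3B 0041 1886",
    "real Linus Torvalds":     "ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886",
    "fake Greg Kroah-Hartman": "497C 48CE 16B9 26E9 3F49 6301 2736 5DEA 6092 693E",
    "real Greg Kroah-Hartman": "647F 2865 4894 E3BD 4571 99BE 38DB BDC8 6092 693E",
}


def normalize(fpr: str) -> str:
    """Strip spaces and upper-case a v4 fingerprint; reject anything but 40 hex digits."""
    f = "".join(fpr.split()).upper()
    if len(f) != 40 or any(c not in "0123456789ABCDEF" for c in f):
        raise ValueError(f"not a v4 fingerprint: {fpr!r}")
    return f


def short_id(fpr: str) -> str:
    """32-bit short key ID: the low 4 bytes of the SHA-1 fingerprint (RFC 4880 s12.2)."""
    return "0x" + normalize(fpr)[-8:]


def long_id(fpr: str) -> str:
    """64-bit long key ID: the low 8 bytes of the fingerprint."""
    return "0x" + normalize(fpr)[-16:]


def same_key(fpr_a: str, fpr_b: str) -> bool:
    """The only safe equality test: compare the full 160-bit fingerprint."""
    return normalize(fpr_a) == normalize(fpr_b)


def collisions(keys: Dict[str, str], id_fn: Callable[[str], str]) -> Dict[str, List[str]]:
    """Group key names by the identifier id_fn derives; groups larger than one collide."""
    groups: Dict[str, List[str]] = {}
    for name, fpr in keys.items():
        groups.setdefault(id_fn(fpr), []).append(name)
    return {k: v for k, v in groups.items() if len(v) > 1}


if __name__ == "__main__":
    for name, fpr in FINGERPRINTS.items():
        print(f"{name:24} short={short_id(fpr)} long={long_id(fpr)}")
    print("short-ID collisions:", collisions(FINGERPRINTS, short_id))
    print("long-ID collisions: ", collisions(FINGERPRINTS, long_id))
```

The long IDs happen to differ here, but a 64-bit ID is still a truncation of the fingerprint, not a substitute for it; import and verify against the full 40-hex-digit string.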

[0] http://www.asheesh.org/note/debian/short-key-ids-are-bad-news.html
[1] http://gwolf.org/node/4070