IETF Logo Mail Archive

Re: [openpgp] Fingerprints and their collisions resistance

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 04 January 2013 22:25 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54EBC21F8786 for <openpgp@ietfa.amsl.com>; Fri, 4 Jan 2013 14:25:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.284
X-Spam-Level:
X-Spam-Status: No, score=-2.284 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lE5UJZ1ywiWA for <openpgp@ietfa.amsl.com>; Fri, 4 Jan 2013 14:25:23 -0800 (PST)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id A757021F8749 for <openpgp@ietf.org>; Fri, 4 Jan 2013 14:25:23 -0800 (PST)
Received: from [192.168.23.229] (dsl254-070-154.nyc1.dsl.speakeasy.net [216.254.70.154]) by che.mayfirst.org (Postfix) with ESMTPSA id 2202CF970; Fri, 4 Jan 2013 17:25:20 -0500 (EST)
Message-ID: <50E756CC.9020104@fifthhorseman.net>
Date: Fri, 04 Jan 2013 17:25:16 -0500
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Icedove/17.0
MIME-Version: 1.0
To: jbar <jeanjacquesbrucker@gmail.com>
References: <50E530D6.6020609@brainhub.org> <D3684BB5-FDC6-4834-8FAE-C482A25E3FB0@callas.org> <50E5D6AA.6060200@brainhub.org> <874nixev2u.fsf@vigenere.g10code.de> <50E61486.9010209@brainhub.org> <20130104105328.GA5156@quelltextlich.at> <50E733F4.90400@brainhub.org> <20130104220026.2b1ccf24.jeanjacquesbrucker@gmail.com>
In-Reply-To: <20130104220026.2b1ccf24.jeanjacquesbrucker@gmail.com>
X-Enigmail-Version: 1.5
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="----enig2MLXPBKAOWQCTTUMOWARM"
Cc: openpgp@ietf.org
Subject: Re: [openpgp] Fingerprints and their collisions resistance
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jan 2013 22:25:24 -0000

On 01/04/2013 04:00 PM, jbar wrote:
> On Fri, 04 Jan 2013 11:56:36 -0800  Andrey Jivsov <openpgp@brainhub.org> wrote:
>> Should we rather say that the _practical_ value is about 60 (it's not to 
>> say that 2^60 is that practical, but that there is an expensive but an 
>> actionable attack plan). The following post leads the reader to the 
>> algorithm : 
>> http://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
> 
> In either case, humans are less than 2^33 todays and this number should not increase so much in the next decades. Even if each living human use OpenPGP and more than a dozen of keys, we are far from 2^60 or 2^51...

I think you're trying to analyze this in a scenario where you want to
establish equitable sharing of limited resources among cooperating peers.

This is not the scenario the OpenPGP specification needs to concern
itself with.  Rather, the OpenPGP specification needs to be concerned
with providing cryptographically strong guarantees in the face of
malicious and well-funded adversaries.

That is, it's not enough to say that we have enough to go around.  We
need to show that the search space is large enough (and the digest
strong enough) that someone can't come up with a new key that matches
the fingerprint of your key, even if they have millions of dollars and
powerful computers at their disposal.

Regards,

	--dkg

v2.23.0 | Report a Bug | By Email