Re: Release Signing Keys are Susceptible to Attack

Mirror of the gdb mailing list
 help / color / mirror / Atom feed

From: Richard Biener <richard.guenther@gmail.com>
To: R0b0t1 <r030t1@gmail.com>
Cc: Binutils <binutils@sourceware.org>,
	GCC Development <gcc@gcc.gnu.org>,
	gdb@sourceware.org
Subject: Re: Release Signing Keys are Susceptible to Attack
Date: Thu, 17 Aug 2017 08:39:00 -0000	[thread overview]
Message-ID: <CAFiYyc1v=E+0FHp9yF6oM-j8HMNDgrQ9Q3yNAa0vQ52ejYfT6A@mail.gmail.com> (raw)
In-Reply-To: <CAAD4mYjJ-8zt0o1PjFO3k1K9CVDBVVUkVp2VgtMZcjFqmBOKkw@mail.gmail.com>

On Thu, Aug 17, 2017 at 4:23 AM, R0b0t1 <r030t1@gmail.com> wrote:
> After downloading and verifying the releases on
> ftp://ftp.gnu.org/gnu/, I found that the maintainers used 1024 bit DSA
> keys with SHA1 content digests. 1024 bit keys are considered to be
> susceptible to realistic attacks, and SHA1 has been considered broken
> for some time.
>
> http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf, p17
> https://shattered.io/
>
> SHA1 is weak enough that a team of researchers was able to mount a
> realistic attack at no great cost.

It looks like gpg2 uses SHA1 as digest algorithm by default.  I use
a 2048bit RSA for signing, that should be ok, no?

I suggest to report the issue to gnupg upstream (I'm using 2.0.24
with libgcrypt version 1.6.1).  It looks like the OpenPGP standard
mandates SHA1 here and using --digest-algo is stronly advised
against for interoperability reasons.

Richard.

> As compilers and their utilities are a high value target I would
> appreciate it if the maintainers move to more secure verification
> schemes.
>
> Respectfully,
>      R0b0t1.

next prev parent reply	other threads:[~2017-08-17  8:39 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-08-17  2:23 R0b0t1
2017-08-17  8:39 ` Richard Biener [this message]
2017-08-17 13:09   ` Paul.Koning

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAFiYyc1v=E+0FHp9yF6oM-j8HMNDgrQ9Q3yNAa0vQ52ejYfT6A@mail.gmail.com' \
    --to=richard.guenther@gmail.com \
    --cc=binutils@sourceware.org \
    --cc=gcc@gcc.gnu.org \
    --cc=gdb@sourceware.org \
    --cc=r030t1@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox