Sorry Christian but I am going to stop replying after this one. I’m not trying to be a dick, it’s just that at this point I think continuing our conversation is going to confuse readers more than it will help them. The concepts you are referring to and sources you are citing are only tangentially applicable to the conversation at hand.
The fact that it is possible to collide hashes, signatures, etc. is well known and obvious. The reason it is not a concern is the extreme difficulty in producing a collision. As indicated above, you would have to brute force your way through 10^77 different combinations to guarantee a successful collision.
The section you cited describes PGP encryption, not signatures. They are two entirely different things. PGP signatures do not involve session keys.
You can manipulate the output of (or “add specific entropy to”) any hash function. It is, however, absurdly difficult to convey meaningful information in the output of a hash function. See above regarding the amount of work required. Furthermore, because a private key is longer than a PGP signature, it is literally impossible to encode the key in the signature.
The code uses a library, which means it supports multiple functions, the vast majority of which are not used by the script.
You are referring to several traits which are common to almost all cryptographic systems, yet you are implying these are traits unique to PGP. Furthermore, you are describing these traits with loaded language that paints them as weaknesses, when in fact, they are known, accounted-for limitations.
Anyone familiar with cryptography will gain nothing from reading this exchange, and anyone unfamiliar with cryptography will likely be confused and misled.
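The 10^77 figure in the post above is 2^256, the size of the SHA-256 output space. The following is an added example, written by the editor and not by either participant, showing how a collision search actually scales: a birthday search against SHA-256 truncated to a small width finds a collision after roughly sqrt(2^bits) attempts, and the same formula gives about 2^128 for the full 256-bit output, while the pigeonhole bound (2^256 + 1 inputs) is the number that guarantees one. The truncation, the 24-bit width and the function names are choices made for this illustration only.

```python
import hashlib
import math


def truncated_sha256(data: bytes, bits: int) -> int:
    """SHA-256 of `data`, keeping only the first `bits` bits (as an int).

    Truncation is only here so the search below terminates in seconds;
    it is not something a real signature scheme does.
    """
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def find_collision(bits: int, max_trials: int = 1 << 24):
    """Birthday search: hash distinct messages until two share a truncated digest.

    Returns (trials, m1, m2) with m1 != m2 and equal truncated digests,
    or None if `max_trials` is exhausted (practically never for small `bits`).
    The inputs are a constructed counter sequence, so the run is reproducible.
    """
    seen = {}  # truncated digest -> first message that produced it
    for trials in range(1, max_trials + 1):
        m = b"constructed-message-%d" % trials
        h = truncated_sha256(m, bits)
        if h in seen and seen[h] != m:
            return trials, seen[h], m
        seen[h] = h and seen.get(h, m)  # keep the first message seen
    return None


def expected_birthday_trials(bits: int) -> float:
    """Expected number of random inputs before the first collision:
    sqrt(pi/2 * 2^bits). For bits=256 this is about 2^128, not 2^256."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def brute_force_bound(bits: int) -> int:
    """Pigeonhole bound: 2^bits + 1 distinct inputs guarantee a collision."""
    return 2 ** bits + 1


if __name__ == "__main__":
    bits = 24
    result = find_collision(bits)
    trials, m1, m2 = result
    print(f"{bits}-bit collision after {trials} trials "
          f"(expected about {expected_birthday_trials(bits):.0f}):")
    print(" ", m1, hashlib.sha256(m1).hexdigest()[:8])
    print(" ", m2, hashlib.sha256(m2).hexdigest()[:8])
    print(f"full SHA-256: expected birthday work ~ {expected_birthday_trials(256):.3e}, "
          f"guaranteed-collision bound {brute_force_bound(256):.3e}")
```

Note the line that stores into `seen`: because the inputs are all distinct, the first message for a given truncated digest is kept, so the returned pair always consists of two different messages whose truncated digests agree while their full SHA-256 digests differ.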
> As indicated above, you would have to brute force your way through 10^77 different combinations to guarantee a successful collision.

You haven’t shown that a SHA2 collision is needed. SHA2 gets used to create the message digest. That in turn gets encrypted via the private key.

> You are referring to several traits which are common to almost all cryptographic systems, yet you are implying these are traits unique to PGP.

No, I haven’t said anything about something being unique to PGP. My core claim is that you haven’t demonstrated safety.
The standard cryptopunk way of thinking is to mistrust statements about crypto that aren’t demonstrated to be true.

> You can manipulate the output of (or “add specific entropy to”) any hash function. It is, however, absurdly difficult to convey meaningful information in the output of a hash function. See above regarding the amount of work required.

SHA2 in particular hasn’t been successfully attacked. Other hash functions on the other hand have been.
I remember sitting in the audience at the CCC while they explained how they broke SSL at the time via a collision and some other tricks.

> and anyone unfamiliar with cryptography will likely be confused and misled.

They will see that you haven’t demonstrated what you claimed in a clear fashion. Anyone who wants safety via crypto-systems should use systems whose safety is well established. It’s as it should be.

> Furthermore, because a private key is longer than a PGP signature, it is literally impossible to encode the key in the signature.

It doesn’t have to get out all the information in one swoop if you use the thing multiple times.
The fact that you make that argument suggests that you don’t have a real argument that demonstrates safety.