On Friday, 20 January 2012, 21:15:29, Chris Poole wrote:

> The encryption and signing is still being done by the subkeys, so is
> it simply that they're signed by the parent 1024-bit key, and this key
> is easier to fake?

Yes. If the main key is compromised then

a) certifications for other keys can be forged (of course, anyone being 
attacked by that could see that the key whose certification he is going to 
rely on is that short)

b) new subkeys for that key can be created

If the attacker is capable of a man-in-the-middle attack then he can send the 
compromised key when the attacked person makes a keyserver update. This way 
no one would notice the manipulation (not even the key owner when checking 
what's on the keyservers). Afterwards data would be encrypted to the wrong key 
and signatures by the attacker's subkey would be accepted.

Another attack scenario is that the whole key can be revoked when you need it. 
People do not send you important, urgent information because they do not have 
a valid key to encrypt to. Or you have to sign something in time but do not 
have a key which is accepted by the recipient.


Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
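
An added example, not part of the original message: since the subkeys are only as trustworthy as the primary key that certifies them, this Python check reads a listing in the format of `gpg --with-colons --list-keys` and reports primary keys that are shorter than their own subkeys or below a minimum size. The sample listing and key IDs are constructed, and the function names and the 2048-bit threshold are assumptions chosen for illustration.

```python
# Constructed sample in the format of `gpg --with-colons --list-keys`
# (key IDs and dates are made up for illustration).
SAMPLE = """\
pub:u:1024:17:AAAAAAAAAAAAAAAA:1100000000:::u:::scESC:
uid:u::::1100000000::0000::Constructed User <user@example.org>:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1300000000::::::e:
sub:u:4096:1:CCCCCCCCCCCCCCCC:1300000000::::::s:
pub:u:4096:1:DDDDDDDDDDDDDDDD:1300000000:::u:::scESC:
sub:u:4096:1:EEEEEEEEEEEEEEEE:1300000000::::::e:
"""

# Algorithm IDs whose bit lengths are comparable: RSA (1), Elgamal (16), DSA (17).
# ECC keys report curve sizes, so they are skipped rather than misjudged.
COMPARABLE = {"1", "16", "17"}

def parse_keys(listing):
    """Group colon-format pub/sub records into primary keys with their subkeys."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if len(f) < 5 or f[0] not in ("pub", "sub"):
            continue
        # Field 2 = validity ('r' is revoked), 3 = key length, 4 = algorithm, 5 = key ID.
        rec = {"bits": int(f[2] or 0), "algo": f[3], "keyid": f[4],
               "revoked": f[1] == "r"}
        if f[0] == "pub":
            keys.append({"primary": rec, "subkeys": []})
        elif keys:
            keys[-1]["subkeys"].append(rec)
    return keys

def weak_primaries(listing, min_bits=2048):
    """Return (key ID, primary bits, strongest subkey bits) for weak primary keys.

    min_bits is an assumed threshold, not a value taken from the thread.
    """
    findings = []
    for key in parse_keys(listing):
        p = key["primary"]
        if p["algo"] not in COMPARABLE or p["revoked"]:
            continue
        strongest = max((s["bits"] for s in key["subkeys"]
                         if s["algo"] in COMPARABLE and not s["revoked"]), default=0)
        if p["bits"] < min_bits or p["bits"] < strongest:
            findings.append((p["keyid"], p["bits"], strongest))
    return findings

if __name__ == "__main__":
    for keyid, bits, sub_bits in weak_primaries(SAMPLE):
        print(f"{keyid}: primary {bits} bits, strongest subkey {sub_bits} bits")
```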
