Complexities on faking one signature

classic Classic list List threaded Threaded
1 message Options
iry
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Complexities on faking one signature

iry
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello everyone!

When an adversary attempts to create someone's GPG signature of a
certain message, there are at least two ways to do so:
1. Computing the private key from the public key of the target and
then using the private key to sign the message;
2. Enumerating the possible signature of that certain message and
using the target's public key to verify if one of the signatures is
correct.

If other conditions are same and the adversary only needs to get the
target's signature of one certain message, will the second approach
easier than the first approach in terms of computing complexity?

I'm really looking forward to the answer and/or further discussion!
Thank you!

Best,
iry
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJY4d7kAAoJEKFLTbxtzdU86f0P+gMB67gMyK9Bm+IPd/nxBULS
4DfpAAE6UjwF43OjFpPwGFshMKjSwGXUvdcgcg2cCNlPGfoRL7KQyxLVmagfsBY5
1v2bVQeNOYmvUtPa/98vTKzw/TRDEi90dRPbYvABqCONcUHTvvsaZmK8y/pleMs1
qAzGzXV8CeV44RevOqimeHYGC34JOXw9cyAUvUbNKewasuQpCkv5BiJ4Z7Wl8EWv
DpHN6gAgoVgRl5d7KlnV7EFZU7oOtRz6aeH/LZonR4NdxaVHbFnAhR7S9x0DyaBO
+2a+PIREmmy9H9zwsmNyrhGpZHaQI2qcdsY/g3hnE+h6Ox1ptUTimQUzu/NwSIyC
MOY9sD4YiLW+bD7sIj8CeNLHK7Zte9YeptOFgJS8dc3XWAWcpjbnTnmuagdYa8JM
34vMSYH8gvIHkzSTL3XgDXDVl/JSJN0iJFdwBk05K9sUSVdQqlJmNcDUuVaA4M0T
35UwfSgtXnb7jiLt3F3lTMuSzWFb/N05iXIfiTqiJCJASyssnjLtXIHZAyYqoOle
FfReMxL9M7saghMSASf4NVjvRsnFeM0QbuB1ZzOxDJIDngi06lnv32ERI2pjp3LV
mzWLZsyIfD+L9sOAbRm3BnjyqLl6AKJGGkzVK2BVYMm18Hca1r9gxeGliEH+snTj
f0tPURtNEgxuhf293w2O
=mJXl
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

0x6DCDD53C.asc (3K) Download Attachment
0x6DCDD53C.asc.sig (744 bytes) Download Attachment
Loading...