[Bug 1288293] Re: GnuPG uses SHA1 for key signatures

[xor]

"As of 2012, the most efficient attack against SHA-1 is considered to be
the one by Marc Stevens[32] with an estimated cost of $2.77M to break a
single hash value by renting CPU power from cloud servers.[33] Stevens
developed this attack in a project called HashClash,[34] implementing a
differential path attack. On 8 November 2010, he claimed he had a fully
working near-collision attack against full SHA-1 working with an
estimated complexity equivalent to 2^57.5 SHA-1 compressions. He
estimates this attack can be extended to a full collision with a
complexity around 2^61."

Source:
http://en.wikipedia.org/w/index.php?title=SHA-1&oldid=598619464#Attacks

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnupg in Ubuntu.
https://bugs.launchpad.net/bugs/1288293

Title:
  GnuPG uses SHA1 for key signatures

Status in “gnupg” package in Ubuntu:
  New

Bug description:
  (SHA1 is generally considered broken since 2005!)

  Used software:
  Kubuntu 13.10 amd64
  GnuPG package Version: 1.4.14-1ubuntu2.1 (taken from dpkg --status gnupg), 

  Reproducing instructions:
  Generate two keys using default key parameters:
  $ gpg --homedir test --gen-key
  $ gpg --homedir test --gen-key

  Sign one key with the other:
  $ gpg --edit-key name-of-first-key
  sign
  quit

  Dump the signed key:
  gpg --homedir test --export name-of-first-key | gpg --homedir test --list-packets

  You will now notice that all signatures, and therefore even the self-signatures, use "digest algo 2".
  This is SHA1:
  http://tools.ietf.org/html/rfc4880#section-9.4

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1288293/+subscriptions