------------------------------------------------------------------------
Re: Key fingerprint

From: abostick@netcom.com (Alan Bostick)
Date: Sat, 24 Dec 1994 06:53:46 GMT
Organization: Arrogant Opinions 'R' Us
Newsgroups: alt.security.pgp
References: 1
------------------------------------------------------------------------

There's been a bit of misinformation in this thread, and even though the
correct information has been posted in response, it isn't all in one
place, and the potential for confusion remains.

The "Key ID" of a PGP public key is the 64 least significant bits of that
key. When it is displayed (e.g. when "pgp -kv" is executed on a public
keyring), only the 32 least significant bits are shown.

The "Key Fingerprint" of a PGP public key is the 128-bit MD5 hash of that
key.

Could the whole public key be recovered from the Key ID? Probably not.
I don't want to say "certainly not" because of the possibility that
someone could use number theory and guesswork (perhaps combined with
trial encryptions of known plaintexts) to actually do it. Matt Austern's
claim that the information thrown away with the 960 (or whatever) most
significant bits makes the public key irrecoverable sounds plausible, but
I wouldn't want to rely on it without a solid proof.

Could the whole public key be recovered from the Key Fingerprint?
Probably not. If it could, that would mean that the MD5 hash algorithm
is in serious trouble.

(N.B.: Bruce Schneier, in APPLIED CRYPTOGRAPHY, warns secure hash
function users away from MD5: "[An] attack by Bert den Boer and Antoon
Bosselaers can produce collisions using the compression function in MD5
[266]. This does not lend itself to attacks against MD5 in practical
applications; it does mean that one of the basic design principles of
MD5 -- to design a collision-resistant compression function -- has been
violated. It is enough of a weakness in MD5 to make me wary of using
it." [p. 333] Schneier's reference 266 is to den Boer's and Bosselaers's
paper in EUROCRYPT '93.)

Alan Bostick               | For me, to be a feminist is to answer the
abostick@netcom.com        | question "Are women human?" with a yes.
finger for PGP public key  |      Katha Pollitt, REASONABLE CREATURES
Key fingerprint:           |
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79
+legal_kludge=off

------------------------------------------------------------------------
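
Added example (not part of Alan Bostick's post and not PGP's own code): the Key ID and Key Fingerprint definitions above, computed in Python. It assumes the RFC 4880 description of old-format (V3) RSA keys, where the Key ID is taken from the public modulus n and the MD5 fingerprint covers the bytes of n followed by the exponent e; N, N_OTHER and E are constructed stand-in integers, not real keys.

```python
import hashlib

LOW64 = (1 << 64) - 1
LOW32 = (1 << 32) - 1


def mpi_body(x: int) -> bytes:
    """Big-endian bytes of x with no leading zeros (an MPI without its length prefix)."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")


def key_id(n: int) -> str:
    """Full Key ID: the 64 least significant bits of the modulus."""
    return f"{n & LOW64:016X}"


def displayed_key_id(n: int) -> str:
    """Short form shown in key listings: the 32 least significant bits."""
    return f"{n & LOW32:08X}"


def discarded_bits(n: int) -> int:
    """How many high-order bits of the modulus the Key ID throws away."""
    return max(n.bit_length() - 64, 0)


def fingerprint(n: int, e: int) -> str:
    """128-bit MD5 over modulus then exponent, printed as 16 hex byte pairs."""
    digest = hashlib.md5(mpi_body(n) + mpi_body(e)).hexdigest().upper()
    return " ".join(digest[i:i + 2] for i in range(0, 32, 2))


# Constructed 1024-bit odd integer standing in for an RSA modulus (assumption:
# it is not claimed to be a product of two primes), plus a small exponent.
N = (1 << 1023) | 0xC0FFEE0123456789
E = 17

# A second constructed integer that differs from N only above bit 63.
N_OTHER = N + (1 << 64)

if __name__ == "__main__":
    for label, n in (("N", N), ("N_OTHER", N_OTHER)):
        print(label, "key id:", key_id(n), "shown as:", displayed_key_id(n))
        print(label, "fingerprint:", fingerprint(n, E))
    print("bits not covered by the Key ID:", discarded_bits(N))
```

Both integers report the same Key ID while their fingerprints differ, because the Key ID covers only the low 64 bits and the fingerprint hashes the whole key.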