On 6.12.2024 01:54, Jacob Bachmeyer via Gnupg-devel wrote:
This could be as simple as including a nonce in the signature.
Just for the record, due to the way of how OpenPGP hashes files, there's plenty of other metadata influencing the final hash e.g. signature creation time (I guess it's rather improbable that the attacker would control that up to a second precision; it's not a high entropy data though; also: some implementations embed nonce data in notations).
Kind regards, Wiktor _______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
