On 2024-12-12 11:58, Wiktor Kwapisiewicz wrote:
On 12.12.2024 11:43, Andrew Gallagher via Gnupg-devel wrote:
It should be noted that the salt in v6 signatures also helps to
protect against fault-based attacks.
See https://eprint.iacr.org/2017/1014
I'm not entirely sure that the v6 salt helps in this case - it
influences the final digest but the fault attack then operates on that
new digest. I've read section 9. Countermeasures and couldn't find any
mention of salt being effective.
Fault attacks require the generation of multiple signatures over the
same message digest. With an unsalted signature, it is sufficient to
induce a victim to sign the same message twice with the same timestamp.
With a salted signature, it is vanishingly improbable that the same
digest will ever be produced.
A
_______________________________________________
Gnupg-devel mailing list
[email protected]
https://lists.gnupg.org/mailman/listinfo/gnupg-devel