From: Derek Atkins <warlord@MIT.EDU>
Date: Mon, 19 Aug 1996 05:50:31 +0800
To: "William H. Geiger III" <whgiii@amaranth.com>
Subject: Re: DEADBEEF Attack??
In-Reply-To: <199608181930.OAA27678@mailhub.amaranth.com>
Message-ID: <9608181941.AA19952@pickled-herring.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

> I am looking for some detailed information on the "DEADBEEF" attack
> for key fingerprint spoofing.
> 
> If anyone has any information or know where to find it please let me know.

I'm not sure what you mean by the DEADBEED attack on fingerprint
spoofing.  There is a DEADBEEF attack on keyIDs, where you can
generate a key that matches the keyID, since the keyID is only the
lowest bits of the key's modulus.  Basically, you can choose p and q
such that ((P*Q) & 0xFFFFFFFF) is the keyID you want to mimick.

There have been a number of lengthy posts about it in the past.  I'd
suggest you look in the cypherpunks or other appropriate archive.

-derek