The "Evil32" attack on PGP keys included me / 2016-08-30

2016-08-30 The "Evil32" attack on PGP keys included me1 year ago
PGP logo Recently there was some news about Duplicate PGP Keys and I looked up the keys associated with my e-mail address / short PGP id:
koos@greenblatt:~$ gpg --search-key F0D7C263
gpg: searching for "F0D7C263" from hkp server pgp.surfnet.nl
(1)     Koos van den Hout <koos@kzdoos.xs4all.nl>
          1024 bit RSA key 7BB7472D18B1B64D20BD63E9B81DABE5F0D7C263, created: 2014-06-16 (revoked)
(2)     Koos van den Hout <koos@idefix.net>
        Koos van den Hout <koos@wu-ftpd.org>
        Koos van den Hout <koos@pizza.hvu.nl>
        Koos van den Hout <koos@kzdoos.xs4all.nl>
        Koos van den Hout (http://idefix.net/) <koos+website@idefix.net>
          1024 bit DSA key 1B8F6AA16EF5949871CBE48E2C663B5DF0D7C263, created: 1998-12-17
Keys 1-2 of 2 for "F0D7C263".  Enter number(s), N)ext, or Q)uit > q
As visible the "fake" key is already revoked. The NCSC article has a lot more explanation.

The key I currently use for my private e-mail has:
pub   1024D/0x2C663B5DF0D7C263 1998-12-17
      Key fingerprint = 1B8F 6AA1 6EF5 9498 71CB  E48E 2C66 3B5D F0D7 C263
uid                            Koos van den Hout <koos@kzdoos.xs4all.nl>
uid                            Koos van den Hout <koos@idefix.net>
uid                            Koos van den Hout (http://idefix.net/) <koos+website@idefix.net>
sub   2048g/0x85019597CD125A2B 1998-12-17
sub   4096g/0xCC166EB91F480E9A 2011-01-11 [expires: 2017-09-14]
sub   2048R/0x8F414665C4B517C1 2015-09-15 [expires: 2017-09-14]
And on 2016-09-05 I decided it was time for a new private e-mail GnuPG/PGP key anyway:
pub   4096R/0x5BA9368BE6F334E4 2016-09-05 [expires: 2021-09-04]
      Key fingerprint = 979B CF89 EBBF 9AC9 6A14  F56A 5BA9 368B E6F3 34E4
uid                            Koos van den Hout <koos@kzdoos.xs4all.nl>
uid                            Koos van den Hout (http://idefix.net/) <koos+website@idefix.net>
uid                            [jpeg image of size 11615]
uid                            Koos van den Hout <koos@idefix.net>
sub   4096R/0x308216DA78517E3D 2016-09-05 [expires: 2021-09-04]
sub   4096R/0x3B17C9ABE4A3C916 2016-09-05 [expires: 2021-09-04]
But if you really want to be sure check in person.

I updated my .gnupg/gpg.conf with:
keyid-format 0xlong
to always show the longer key ID.

Tags: , ,

, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews, Weather maps
This page generated in 0.008702 seconds.