Silk Road forums

Discussion => Security => Topic started by: JonSnowlake on August 28, 2012, 12:06 am

Title: keychain, can two keys created by the same pgp keychain be traced to each other
Post by: JonSnowlake on August 28, 2012, 12:06 am
Is there any way for someone to find out which keychain created two public keys/trace them back to it/find that they were created by the same person/a common keychain and as such connect them to each other ?
Title: Re: keychain, can two keys created by the same pgp keychain be traced to each other
Post by: JonSnowlake on August 28, 2012, 12:16 am
Oh ok, thanks. What is the no emit version command ?
Title: Re: keychain, can two keys created by the same pgp keychain be traced to each other
Post by: Errl_Kushman on August 28, 2012, 12:19 am
Is there any way for someone to find out which keychain created two public keys/trace them back to it/find that they were created by the same person/a common keychain and as such connect them to each other ?

I don't think so.  Public keys are generated (supposedly) using randomly-chosen prime numbers, so there should be no way to tell who generated any particular key. If you don't use the no-emit-version  command in your gpg.conf, the most they can tell is that your keys were generated by a particular version of PGP/GPG on the same platform, e.g. Linux, Mac, or Windows.

Guru

Correct me if I am wrong but, generally when a PGP/GPG type tool asks a user to "move the cursor randomly around the screen" to help ensure randomness, its doing just that, creating a  unique seed for each generation so that it cant be linked back to a certain cpu.
Title: Re: keychain, can two keys created by the same pgp keychain be traced to each other
Post by: JonSnowlake on August 29, 2012, 01:05 pm
Thanks for the info Guru.