Silk Road forums
Discussion => Security => Topic started by: JonSnowlake on August 28, 2012, 12:06 am
-
Is there any way for someone to find out which keychain created two public keys/trace them back to it/find that they were created by the same person/a common keychain and as such connect them to each other ?
-
Oh ok, thanks. What is the no emit version command ?
-
Is there any way for someone to find out which keychain created two public keys/trace them back to it/find that they were created by the same person/a common keychain and as such connect them to each other ?
I don't think so. Public keys are generated (supposedly) using randomly-chosen prime numbers, so there should be no way to tell who generated any particular key. If you don't use the no-emit-version command in your gpg.conf, the most they can tell is that your keys were generated by a particular version of PGP/GPG on the same platform, e.g. Linux, Mac, or Windows.
Guru
Correct me if I am wrong but, generally when a PGP/GPG type tool asks a user to "move the cursor randomly around the screen" to help ensure randomness, its doing just that, creating a unique seed for each generation so that it cant be linked back to a certain cpu.
-
Thanks for the info Guru.