ITPUB

Aug 16, 2016 · Information Security

Real PGP Short‑ID Collisions Expose Fake Keys and MITM Risks – Use Full Fingerprints

Since June, genuine PGP short‑ID collision attacks have surfaced, allowing attackers to create fake keys that exactly copy the name, email, and trust signatures of real keys, enabling man‑in‑the‑middle exploits, and experts now urge displaying full fingerprints to eliminate the threat.