GPG signatures do not authenticate filenames


ID: 61
PHID: PHID-TASK-b56lq6ev3nvmsutu64ct
Author: Patrick
Status at Migration Time: resolved
Priority at Migration Time: Normal



When using gpg --armor --detach-sign some-file-version-c a file some-file-version-c.asc will be created.

But an adversary position to arbitrarily change file names on a mirror or so could rename it to some-file-version-d and some-file-version-d.asc.

That could trick the verifier into believing having received a more recent version than expected. The adversary could use this to mount rollback [1] (downgrade) or indefinite freeze [2] attacks.


The Tor Project (TPO) similar track ticket - GPG signatures do not authenticate filenames:

asked on gnupg-users mailing list - How to sign the name of the name as well, not just the file?

Possible solution: OpenPGP notations

We could use OpenPGP notations as I asked on the gnupg-users mailing list:

Try this:

echo "test" > x
gpg --armor --set-notation file@name="x" --detach-sign x
gpg --armor --verify-options show-notations --verify x.asc

Example output:

~ $ echo "test" > x
~ $ gpg --armor --set-notation file@name="x" --detach-sign x

You need a passphrase to unlock the secret key for
user: "Patrick Schleizer <>"
4096-bit RSA key, ID 77BB3C48, created 2014-01-16 (main key ID 2EEACCDA)

~ $ gpg --armor --verify-options show-notations --verify x.asc
gpg: Signature made Mon 12 Jan 2015 11:13:19 PM UTC using RSA key ID 77BB3C48
gpg: Good signature from "Patrick Schleizer <>" [ultimate]
gpg: Signature notation:
gpg: Signature notation: file@name=x
~ $ 

The first gpg command could be added to the sign_images Whonix maintainer script to easily add this notation:

Then we could tell users in documentation to use --verify-options show-notations and therefore check the file name has not been tampered with.

Other possible solutions:

  • creating a sha512sums file and signing that one - more cumbersome to download and verify
  • using tar and a versioned sub folder - cumbersome for .ova images - folder name easily overlooked



2015-01-12 23:37:35 UTC


2015-02-04 02:18:25 UTC