Key evidence reveals the authenticity of Australia's "Satoshi Nakamoto"

Yesterday, the news that Satoshi Nakamoto’s identity was “exposed” made headlines in major media outlets, but netizens did not show much surprise about this. This was probably due to the “wolf cry” effect. Previously, the media had claimed more than once that they had found “Satoshi Nakamoto.”

The Australian businessman "Craig S. Wright" who was exposed yesterday was naturally deduced to be a scam by various evidences. Now, Motherboard has published an article with evidence to overturn the conclusions of Wired and the well-known technology blog Gizmodo. According to Motherboard, there is a biggest problem here. At least one of the key evidences - the PGP key, seems to be fake. Motherboard believes that the generation time of the PGP key of the so-called "Satoshi Nakamoto" given in the reports of Wired and Gizmodo is likely to be after 2009 and uploaded after 2011.

The article authors wrote:

"Why did I doubt the PGP key? Because I found that Wired and Gizmodo gave different keys, and not only that, neither of the two keys could be verified."

The author asked both media outlets about this matter, and Gizmodo editor Katie Drummond responded: "The key is just a (relatively small) piece of data among the many pieces of evidence we provide."

The author expressed doubts about Katie's response: "How can the key be a small piece of evidence? The key is very critical because it is very likely to reveal that this is a deliberate scam. (Andy Greenberg of Wired pointed out that there are already clues in their article - Wright may be suspected of long-term planning of the scam)."

The author compared Satoshi Nakamoto’s original key with the keys given by Wired and Gizmodo:

Satoshi Nakamoto’s original key

The original key is currently hosted on bitcoin.org, which was in contact with Satoshi in 2009, so we know it is the real Satoshi key. The original key was reportedly generated in October 2008, using DSA-1024 encryption (which is considered weak today and is not recommended). At the time, GnuPG defaulted to DSA-1024, and most people used it for encryption. The original key appears to have been generated on the Windows version of GnuPG (which was outdated at the time).

The Satoshi key given by the connection

The "Satoshi Nakamoto" key given by Gizmodo

The keys given by Wired and Gizmodo are both encrypted with RSA-3072, which was a strange choice of encryption algorithm in 2008, and the author said this was a point pointed out by security expert Erinn Clark. (DSA-1024 was the default at the time, and RSA-2048 is the default today)

The Wired and Gizmodo articles provide key server entries that prove Craig Wright is Satoshi Nakamoto. A key server is a directory of PGP keys with user-submitted entries. The key server in the article is maintained by MIT, and other key servers are also synchronized to MIT's key server.

The email address bound to the key given by the connection is [email protected] . This email address has nothing to do with Satoshi Nakamoto, but it is very similar to the email address [email protected] that is related to Satoshi Nakamoto.

The email address bound to the key provided by Gizmodo is [email protected] , which was hacked in 2014.

According to the MIT key server, both of Nakamoto’s so-called keys were created in 2008, before Bitcoin even existed.

To prove this, the author also created a PGP key himself. In less than 10 minutes, the author created the key and made it appear that the key was created in 2008 and uploaded it to MIT's public key server.

Author-created key

In fact, it is easy to fake the date a PGP key was created. Motherboard cybersecurity reporter Lorenzo Franceschi Bicchierai created a PGP key using the [email protected] email address and made it appear that it was created in 2004, when in fact Bicchierai created the key on December 8, 2015.

The author asked Wired and Gizmodo for comment. Both said that PGP keys do not change anything. Wired reporter Andy Greenberg replied:

"It's certainly interesting, but it's just something that backs up what we already said in our article, and we also pointed out that this could be an incredibly elaborate hoax."

Katie Drummond, editor-in-chief of Gizmodo, said:

“What we want to point out in our article is that Craig Wright has many years of experience in Bitcoin and he has told many people that he is the inventor “Satoshi Nakamoto”. The PGP key you mentioned is just a (relatively small) piece of data. We simply refer to the information of the public key library.”

The author said:

“Yes, a PGP key is a single piece of evidence, but considering that PGP is a cryptographic method for verifying a user’s online identity, isn’t it ridiculous that there are so many inconsistencies and even signs of deliberate deception?”

Original article: http://motherboard.vice.com/read/satoshis-pgp-keys-are-probably-backdated-and-point-to-a-hoax
By SARAH JEONG
Translator: printemps
Editor: printemps
Source (translation): Babbitt Information (http://www.8btc.com/nakamoto-hoax)