Security Basics mailing list archives
Re: gnugpg question
From: "Evil Monkey" <mojojojo () cheme washington edu>
Date: Wed, 23 Oct 2002 12:00:58 -0700
Thanks to those who responded. Here was the catch - looks like PGP is barfing on the secret key checksum: --simple-sk-checksum Secret keys are integrity protected by using a SHA-1 checksum. This method will be part of an enhanced OpenPGP specification but GnuPG already uses it as a countermeasure against certain attacks. Old applications don't understand this new format, so this option may be used to switch back to the old behaviour. Using this this option bears a security risk. Note that using this option only takes effect when the secret key is encrypted - the simplest way to make this happen is to change the passphrase on the key (even changing it to the same value is acceptable). So doing the following worked: gpg --simple-sk-checksum --edit-key [key id] Command> passwd Re-enter password to rewrite it to the database Command> save
On Friday, October 18, 2002, at 12:07 PM, Evil Monkey wrote:I've been playing around with PGP and have found something kooky. I'm curious if y'all have seen the same thing and might be able to offer some explaination: - I can create a key pair with the PGP tools for Windows. I can use this key pair to successfully encrypt and decrypt on the box I created it. I can export this keypair, and import it into gnugpg on a slackware box and successfully use it to encrypt and decrypt things. - I can create a keypair with gnugpg on the slackware box. I can use this key pair to successfully encrypt and decrypt things on that box. I can export the key pair and import it into the pgp tools on a windows box. However when I try to encrypt or decrypt with that keypair it barfs on the passphrase. With an older version of the pgp tools it claimed the passphrase was incorrect. With the most current version it claims the passphrase doesn't exist and won't let me do a thing. On the newest version of pgp tools, if I check out the key's properties and attempt to change the passphrase it says the passphrase I've entered is incorrect. Any ideas as to the cause of this? Pete
Current thread:
- gnugpg question Evil Monkey (Oct 21)
- Re: gnugpg question Jens Rantil (Oct 22)
- Re: gnugpg question Brad Arlt (Oct 22)
- Re: gnugpg question Noah Salzman (Oct 22)
- Re: gnugpg question Jeremie Banier (Oct 22)
- Re: gnugpg question Bruno Lustosa (Oct 24)
- Re: gnugpg question al (Oct 24)
- <Possible follow-ups>
- Re: gnugpg question Evil Monkey (Oct 24)