From hedgehogshiatus at gmail.com Sun Nov 1 11:04:55 2009
From: hedgehogshiatus at gmail.com (Hedge Hog)
Date: Sun, 1 Nov 2009 21:04:55 +1100
Subject: gpg-error.h possible(?) syntax error: #define GPG_ERR_SYSTEM_ERROR (1 << 15)
Message-ID: <143041db0911010204k60ca4b7cn214dc03447f09c8c@mail.gmail.com>

Hi,

I'm not a C/C++ guru so would appreciate anyone indicating if the following is a bug in the generated gpg-error.h file. This issue arose in the process of trying to create a Ruby interface for gpgme.

After checking out the source for libgpg-error-1.7 and running:

    ./autogen.sh
    ./configure --enable-maintainer-mode
    make

I run swig on an interface file that includes the generated gpg-error.h file. I get the following error from swig (ver 1.3.36):

    libgpg-error-1.7/src/gpg-error.h:346: Error: Syntax error in input(1).

Lines 345-7 in gpg-error.h are:

    /* The following error codes are used to map system errors.  */
    #define GPG_ERR_SYSTEM_ERROR (1 << 15)
      GPG_ERR_E2BIG = GPG_ERR_SYSTEM_ERROR | 0,

It is not clear to me if this is a problem with gpg-error.h or swig. Appreciate any insight.

Hedgehog

From gpg.mexon at spamgourmet.com Sun Nov 1 22:28:32 2009
From: gpg.mexon at spamgourmet.com (gpg.mexon at spamgourmet.com)
Date: Sun, 01 Nov 2009 21:28:32 +0000
Subject: Using single subkey for both signing and encryption?
Message-ID: <4AEDFD80.8010504@spamgourmet.com>

Hi, I just have a basic question about subkeys. When I create an RSA subkey I only have the option to create one for signing or encryption, not both. Why is that? There's nothing different about the keys themselves, is there? Is there supposed to be some increased security to doing it this way?

From John at Mozilla-Enigmail.org Mon Nov 2 00:22:00 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Sun, 01 Nov 2009 17:22:00 -0600
Subject: Using single subkey for both signing and encryption?
In-Reply-To: <4AEDFD80.8010504@spamgourmet.com>
References: <4AEDFD80.8010504@spamgourmet.com>
Message-ID: <4AEE1818.60205@Mozilla-Enigmail.org>

gpg.mexon at spamgourmet.com wrote:
> Hi, I just have a basic question about subkeys. When I create an RSA
> subkey I only have the option to create one for signing or encryption,
> not both. Why is that? There's nothing different about the keys
> themselves, is there? Is there supposed to be some increased security
> to doing it this way?

Given that the underlying mathematics is the same for encryption and signing, only in reverse, if an attacker can convince a key holder to sign an unformatted encrypted message using the same key then she gets the original.

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: 

From David.Gray at turpin-distribution.com Mon Nov 2 11:38:56 2009
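The property John describes above, worked through on a toy RSA key as an added example (this is not code from the thread or from GnuPG; the small primes, the helper names and the SHA-256 hash-then-sign scheme are assumptions of the example): with textbook RSA the "unformatted" signing operation and the decryption operation are the same exponentiation, so signing a raw ciphertext returns the plaintext, which is exactly why the key usages are kept separate and why real signing schemes only ever apply the private key to a digest.

```python
"""Why one RSA key should not serve both signing and encryption.

Added example, not code from the thread or from GnuPG. With textbook
RSA, signing and decrypting are the same operation (raise to the private
exponent d mod n), so an "unformatted" signature over a ciphertext is
the plaintext itself. Hash-then-sign does not have that property because
the private exponent is only ever applied to a digest.
The small primes below are an assumption of this toy example.
"""
import hashlib


def make_toy_key(p=10007, q=10009, e=65537):
    """Return ((n, e), (n, d)) for a toy RSA key built from two small primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(m, pub):
    """Textbook encryption: c = m^e mod n."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def rsa_decrypt(c, priv):
    """Textbook decryption: m = c^d mod n."""
    n, d = priv
    return pow(c, d, n)


def rsa_raw_sign(x, priv):
    """'Unformatted' signing: apply d to the supplied value as-is.

    This is the very same computation as rsa_decrypt, which is the whole
    point: a raw signature over a ciphertext *is* the decryption.
    """
    n, d = priv
    return pow(x, d, n)


def rsa_hashed_sign(data, priv):
    """Hash-then-sign: only a digest of the data meets the private exponent."""
    n, d = priv
    h = int.from_bytes(hashlib.sha256(data).digest(), "big") % n
    return pow(h, d, n)


def rsa_hashed_verify(data, sig, pub):
    """Check a hash-then-sign signature with the public key."""
    n, e = pub
    h = int.from_bytes(hashlib.sha256(data).digest(), "big") % n
    return pow(sig, e, n) == h


def demo(m=123456):
    """Return (m, c, raw_signature_of_c, hashed_signature_of_c).

    raw_signature_of_c equals m: the key holder just decrypted for the
    requester. hashed_signature_of_c is unrelated to m.
    """
    pub, priv = make_toy_key()
    c = rsa_encrypt(m, pub)
    raw_sig = rsa_raw_sign(c, priv)
    hashed_sig = rsa_hashed_sign(c.to_bytes(4, "big"), priv)
    return m, c, raw_sig, hashed_sig


if __name__ == "__main__":
    m, c, raw_sig, hashed_sig = demo()
    print(f"plaintext={m} ciphertext={c}")
    print(f"raw signature over ciphertext={raw_sig} (== plaintext: {raw_sig == m})")
    print(f"hash-then-sign signature={hashed_sig} (== plaintext: {hashed_sig == m})")
```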
From: David.Gray at turpin-distribution.com (David Gray)
Date: Mon, 2 Nov 2009 10:38:56 -0000
Subject: No secret key under different account
In-Reply-To: <4AEB5A36.9030302@Mozilla-Enigmail.org>
References: <33CE89420E3A834A82E48C2C747A706102923A60@HERMES.turpin-bg.local> <33CE89420E3A834A82E48C2C747A706102923A63@HERMES.turpin-bg.local> <4AEB5A36.9030302@Mozilla-Enigmail.org>
Message-ID: <33CE89420E3A834A82E48C2C747A706102923A68@HERMES.turpin-bg.local>

What are people's thoughts on which is the best option:

a) copy the secring.gpg & pubring.gpg files to the second user account?
b) export and import the keys to the second user account?
c) add a reference to the second account's gpg.conf file?

Also could anyone please give me an example of the syntax for adding keyring references to gpg.conf?

Thanks
Dave

-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of John Clizbe
Sent: 30 October 2009 21:27
To: GnuPG Users
Subject: Re: No secret key under different account

David Gray wrote:
>
> Hi,
> Thanks for the info, that makes sense.
>
> That does however mean that I will end up with two sets of keyring
> files, does anyone know a way to share them to certain priv'd users on a server.

Add the extra keyring(s) with 'keyring ' or 'secret-keyring ' line(s) in those users' gpg.conf file

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From David.Gray at turpin-distribution.com Mon Nov 2 11:51:46 2009
From: David.Gray at turpin-distribution.com (David Gray)
Date: Mon, 2 Nov 2009 10:51:46 -0000
Subject: gpg.conf
Message-ID: <33CE89420E3A834A82E48C2C747A706102923A69@HERMES.turpin-bg.local>

Hi

Could anyone point me in the right direction for a manual/examples on how to edit the gpg.conf file for GnuPG 2.0.12 (GPG 4 Win)? The PDF manual which gets installed with this kit contains no references and the readme only tells me that gpg.conf gets created during install.

I would like to see examples of how to add further keyrings but also it would be good to know what other options & features could be used if configured properly.

Thanks
Dave

Registered Office: Turpin Distribution Services Ltd, Pegasus Drive, Stratton Business Park, Biggleswade, Bedfordshire, SG18 8TQ, UK.
***** Registered in England No. 1331778 *****
This email may contain confidential information and/or copyright material. This email is intended for the use of the addressee only. Any unauthorised use may be unlawful. If you receive this email by mistake, please advise the sender immediately by using the reply facility in your email software.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: 

From psilvaferreira at gmail.com Mon Nov 2 12:13:05 2009
From: psilvaferreira at gmail.com (Pedro Ferreira)
Date: Mon, 2 Nov 2009 11:13:05 +0000
Subject: OpenPGP card usage
Message-ID: 

Hello,

I admit this is a bit odd, but I'm having some elementary problems using my OpenPGP card. I got an OpenPGP v2 card and a Gemalto USB reader. Followed the howto on http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html to initialize the card using the generate command. Everything seems fine on my personal computer.

Now when I take the card to another computer, with an empty keyring, shouldn't I be able to make use of my private key stored on the card? If I run gpg --list-keys I get an empty output, gpg --card-status correctly shows my card info and if I try to sign an email with thunderbird/enigmail I get an error saying "Clearsign faild: No secret key"

What am I doing wrong?

Using gpg4win 2.0.1 (GnuPG 2.0.12) on Windows 7.

Thanks
Pedro

From John at Mozilla-Enigmail.org Mon Nov 2 13:02:21 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Mon, 02 Nov 2009 06:02:21 -0600
Subject: No secret key under different account
In-Reply-To: <33CE89420E3A834A82E48C2C747A706102923A68@HERMES.turpin-bg.local>
References: <33CE89420E3A834A82E48C2C747A706102923A60@HERMES.turpin-bg.local> <33CE89420E3A834A82E48C2C747A706102923A63@HERMES.turpin-bg.local> <4AEB5A36.9030302@Mozilla-Enigmail.org> <33CE89420E3A834A82E48C2C747A706102923A68@HERMES.turpin-bg.local>
Message-ID: <4AEECA4D.9050801@Mozilla-Enigmail.org>

David Gray wrote:
>
> What are people's thoughts on which is the best option:
>
> a) copy the secring.gpg & pubring.gpg files to the second user account?
> b) export and import the keys to the second user account?
> c) add a reference to the second account's gpg.conf file?

It depends on what you are trying to accomplish. Any of the above may be the best option for a given set of requirements. If I wish to use my keys on a new machine, option a or redirecting gpg.conf to keyrings (& trustdb) on portable media is probably the route I'd take. If I wanted to share a central keyring of, for example, customer keys, I'd probably go with option c.

> Also could anyone please give me an example of the syntax for adding keyring
> references to gpg.conf?

    no-default-keyring
    primary-keyring pubring.gpg
    keyring O:\GnuPG\pubring.gpg
    keyring strong.gpg
    keyring trusted.gpg
    secret-keyring secring.gpg
    secret-keyring O:\GnuPG\secring.gpg

These should be explained in gpg2.man which should be in the share\gnupg directory under gpg2's installation directory, default on Windows: C:\Program Files\GNU\GnuPG2\share\gnupg\gpg2.man. It can be read with Notepad.

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: 

From David.Gray at turpin-distribution.com Mon Nov 2 13:09:00 2009
From: David.Gray at turpin-distribution.com (David Gray)
Date: Mon, 2 Nov 2009 12:09:00 -0000
Subject: gpg.conf
In-Reply-To: <4AEEC53E.1000107@Mozilla-Enigmail.org>
References: <33CE89420E3A834A82E48C2C747A706102923A69@HERMES.turpin-bg.local> <4AEEC53E.1000107@Mozilla-Enigmail.org>
Message-ID: <33CE89420E3A834A82E48C2C747A706102923A6C@HERMES.turpin-bg.local>

Hello John,

Thanks for the man page and skeleton file for gpg.conf, both very useful.

The main issue at the moment (thread: "No secret key under different account") is how to access the keyring files under a different account. I'm looking for the best (least duplication of data/settings) solution to this and someone suggested adding a reference to gpg.conf.

I've installed GPG under the 'Administrator' account but the C# executable which runs GPG will run from a SQL Server 2005 agent job; the account for this is SQLService, therefore this account needs to see the keyrings owned by Administrator.

Apart from that it's good to see what else can be changed and the skeleton you sent me is a good place to begin.

Regards
Dave

-----Original Message-----
From: John Clizbe [mailto:John at Mozilla-Enigmail.org]
Sent: 02 November 2009 11:41
To: David Gray
Subject: Re: gpg.conf

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Gray wrote:
> Hi
> Could anyone point me in the right direction for a manual/examples on
> how to edit the gpg.conf file for GnuPG 2.0.12 (GPG 4 Win)?

For a server, I'd recommend GnuPG 1.4.10 - at least it comes with the man page. Werner has said that gpg4win is more of a desktop application.

> The pdf manual which gets installed with this kit contains no references
> and the readme only tells me that gpg.conf gets created during install.

Attached are the gpg man page as well as an (out-of-date, sorry) options.skel that explains a lot of the common options.

> I would like to see examples of how to add further keyrings but also
> it would be good to know what other options & features could be used
> if configured properly.

Perhaps if we knew exactly what it is you're trying to accomplish. There are many ways of sharing keyrings; which is best is difficult to say without more information. If you'd like, you may email me directly.

- -- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11-svn5166-2009-09-28 (Windows XP)
Comment: When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Comment: Be part of the ?33? ECHELON -- Use Strong Encryption.
Comment: It's YOUR right - for the time being.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

-----END PGP SIGNATURE-----

From lists at michel-messerschmidt.de Mon Nov 2 12:09:34 2009
From: lists at michel-messerschmidt.de (Michel Messerschmidt)
Date: Mon, 2 Nov 2009 12:09:34 +0100
Subject: gpg.conf
In-Reply-To: <33CE89420E3A834A82E48C2C747A706102923A69@HERMES.turpin-bg.local>
References: <33CE89420E3A834A82E48C2C747A706102923A69@HERMES.turpin-bg.local>
Message-ID: <20091102110934.GA4602@rio.matrix>

On Mon, Nov 02, 2009 at 10:51:46AM -0000, David Gray wrote:
> Could anyone point me in the right direction for a manual/examples
> on how to edit the gpg.conf file for GnuPG 2.0.12 (GPG 4 Win)?

http://www.gnupg.org/documentation/manuals/gnupg/Invoking-GPG.html#Invoking-GPG

Within this manual you'll find:

###
gpg.conf
    This is the standard configuration file read by gpg2 on startup. It may contain any valid long option; the leading two dashes may not be entered and the option may not be abbreviated. This default name may be changed on the command line (see option --options). You should backup this file.
###

Valid options are listed in
http://www.gnupg.org/documentation/manuals/gnupg/GPG-Options.html#GPG-Options

> I would like to see examples of how to add further keyrings

Use the "keyring" option:

--keyring file
    Add file to the current list of keyrings. If file begins with a tilde and a slash, these are replaced by the $HOME directory. If the filename does not contain a slash, it is assumed to be in the GnuPG home directory ("~/.gnupg" if --homedir or $GNUPGHOME is not used).

    Note that this adds a keyring to the current list. If the intent is to use the specified keyring alone, use --keyring along with --no-default-keyring.

HTH,
Michel

From John at Mozilla-Enigmail.org Mon Nov 2 13:43:23 2009
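The path rules Michel quotes above, together with the keyring/secret-keyring/no-default-keyring/trustdb-name options used elsewhere in this thread to point one account at another account's keyrings, as an added example (not code from the thread or from GnuPG): a small resolver that turns a gpg.conf into the list of files the account actually opens, which is the list to check read/write permissions against before handing the configuration to a service account. Treating a backslash as a separator, the function names, and the constructed sample configuration are assumptions of this example.

```python
"""List the keyring files a gpg.conf really points at.

Added example, not code from the thread or from GnuPG. It applies the
manual's rules: gpg.conf holds long options without the leading dashes,
a "~/" prefix means $HOME, a name without a slash lives in the GnuPG
home directory, "no-default-keyring" drops pubring.gpg/secring.gpg, and
"trustdb-name" relocates the trust database. Anything else (a path that
already contains a separator) is used as written, i.e. relative to the
working directory. Treating "\\" as a separator for Windows-style paths
is an assumption of this example.
"""
import os
import re

DEFAULT_PUBRING = "pubring.gpg"
DEFAULT_SECRING = "secring.gpg"
DEFAULT_TRUSTDB = "trustdb.gpg"

_HAS_SEPARATOR = re.compile(r"[\\/]")

# Constructed sample, modeled on redirecting a service account's gpg.conf
# to the keyrings kept under another user's profile.
SQLSERVICE_CONF = """\
# constructed sample gpg.conf for a service account
no-default-keyring
keyring ..\\..\\..\\Administrator\\Applic~1\\GnuPG\\pubring.gpg
secret-keyring ..\\..\\..\\Administrator\\Applic~1\\GnuPG\\secring.gpg
trustdb-name ..\\..\\..\\Administrator\\Applic~1\\GnuPG\\trustdb.gpg
"""


def parse_gpg_conf(text):
    """Return (option, argument) pairs; '#' starts a comment, blank lines are skipped."""
    options = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        options.append((parts[0], parts[1].strip() if len(parts) == 2 else None))
    return options


def resolve_keyring_path(name, gnupg_home, user_home):
    """Apply the manual's rules to one keyring/trustdb file operand."""
    if name[:2] in ("~/", "~\\"):
        return user_home.rstrip("/\\") + name[1:]
    if not _HAS_SEPARATOR.search(name):
        sep = "\\" if "\\" in gnupg_home else "/"
        return gnupg_home.rstrip("/\\") + sep + name
    return name  # contains a separator: used exactly as written


def effective_keyrings(conf_text, gnupg_home, user_home):
    """Return {'public': [...], 'secret': [...], 'trustdb': path} for a gpg.conf."""
    options = parse_gpg_conf(conf_text)
    no_default = any(opt == "no-default-keyring" for opt, _ in options)
    public, secret, trustdb = [], [], None
    for opt, arg in options:
        if arg is None:
            continue
        path = resolve_keyring_path(arg, gnupg_home, user_home)
        # primary-keyring is also added to the list (it additionally marks
        # the import target, which this resolver does not track)
        if opt in ("keyring", "primary-keyring") and path not in public:
            public.append(path)
        elif opt == "secret-keyring" and path not in secret:
            secret.append(path)
        elif opt == "trustdb-name":
            trustdb = path
    # The default rings come first unless disabled; gpg still falls back to
    # a default ring when the list would otherwise be empty.
    if not no_default or not public:
        public.insert(0, resolve_keyring_path(DEFAULT_PUBRING, gnupg_home, user_home))
    if not no_default or not secret:
        secret.insert(0, resolve_keyring_path(DEFAULT_SECRING, gnupg_home, user_home))
    if trustdb is None:
        trustdb = resolve_keyring_path(DEFAULT_TRUSTDB, gnupg_home, user_home)
    return {"public": public, "secret": secret, "trustdb": trustdb}


def unreadable_files(paths):
    """Paths the current process cannot read: exactly what a redirected account trips over."""
    return [p for p in paths if not os.access(p, os.R_OK)]


if __name__ == "__main__":
    rings = effective_keyrings(SQLSERVICE_CONF,
                               r"C:\Documents and Settings\SQLService\Application Data\GnuPG",
                               r"C:\Documents and Settings\SQLService")
    for kind in ("public", "secret"):
        for path in rings[kind]:
            print(f"{kind:7} {path}")
    print(f"trustdb {rings['trustdb']}")
    print("not readable from here:", unreadable_files(rings["public"] + rings["secret"]))
```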
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Mon, 02 Nov 2009 06:43:23 -0600
Subject: gpg.conf
In-Reply-To: <33CE89420E3A834A82E48C2C747A706102923A6C@HERMES.turpin-bg.local>
References: <33CE89420E3A834A82E48C2C747A706102923A69@HERMES.turpin-bg.local> <4AEEC53E.1000107@Mozilla-Enigmail.org> <33CE89420E3A834A82E48C2C747A706102923A6C@HERMES.turpin-bg.local>
Message-ID: <4AEED3EB.8010505@Mozilla-Enigmail.org>

David Gray wrote:
> Hello John,
>
> Thanks for the man page and skeleton file for gpg.conf, both very useful.

Anytime

> The main issue at the moment (thread: "No secret key under different account") is how
> to access the keyring files under a different account. I'm looking for the
> best (least duplication of data/settings ) solution to this and someone suggested
> adding a reference to gpg.conf.

I think that was me :-)

> I've installed GPG under the 'Administrator' account but the C# executable
> which runs GPG, will run from a SQL Server 2005 agent job, the account for this
> is SQLService, therefore this account needs to see the keyrings owned by Administrator.

Ok, simple redirection. Same as relocating keys to portable media. In SQLService's gpg.conf, something like:

    no-default-keyring
    keyring ..\..\..\Administrator\Applic~1\GnuPG\pubring.gpg
    secret-keyring ..\..\..\Administrator\Applic~1\GnuPG\secring.gpg
    trustdb-name ..\..\..\Administrator\Applic~1\GnuPG\trustdb.gpg

You'll need to also make sure SQLService has +R+W permissions to those files.

Alternatively, as David Shaw pointed out in the other thread, you may invoke gpg/gpg2 with the --homedir option to point it to the directory containing Administrator's keyring and conf files.

> Apart from that it's good to see what else can be changed and the skeleton you sent me
> is a good place to begin.

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO.
hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: 

From rjh at sixdemonbag.org Mon Nov 2 16:19:56 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 02 Nov 2009 10:19:56 -0500
Subject: No secret key under different account
In-Reply-To: <33CE89420E3A834A82E48C2C747A706102923A68@HERMES.turpin-bg.local>
References: <33CE89420E3A834A82E48C2C747A706102923A60@HERMES.turpin-bg.local> <33CE89420E3A834A82E48C2C747A706102923A63@HERMES.turpin-bg.local> <4AEB5A36.9030302@Mozilla-Enigmail.org> <33CE89420E3A834A82E48C2C747A706102923A68@HERMES.turpin-bg.local>
Message-ID: <4AEEF89C.2040904@sixdemonbag.org>

David Gray wrote:
> What are people's thoughts on which is the best option:

I will stay out of this except to say options A and B are substantively identical.

Beyond that, this is a system administration question. I know nothing of your system, and that means the best thing I can do is to stay out of it. :)

From listac at nebelschwaden.de Mon Nov 2 21:24:23 2009
From: listac at nebelschwaden.de (Ede Wolf)
Date: Mon, 2 Nov 2009 21:24:23 +0100
Subject: OpenPGP card usage
In-Reply-To: 
References: 
Message-ID: <200911022124.23713.listac@nebelschwaden.de>

> I admit this is a bit odd,

No, it's a pretty natural question. I had the same idea.

> Now when I take the card to another computer, with an empty keyring,
> shouldn't I be able to make use of my private key stored on the card?

Wishful thinking. Unfortunately it does not work that way. At least from what I have experienced so far.

You need the corresponding public key imported before usage on that new machine/account and run a gpg2 --card-status afterwards to make the key on the card known to gnupg. AFAIK there is no option like --keyring=smartcard

So next to the card you also need a USB stick to transport the public key, when using the smartcard on a different account/machine.

Not sure whether this is also true for S/MIME. But that would probably need a different kind of smartcard and there is no up to date documentation that I am aware of on which recent PKI/X509 cards are properly supported by Linux. And maybe you are bound to gnupg anyway.

> What am I doing wrong?

You are too optimistic about the usage of a smartcard with gnupg ;)

However, I am pretty new to this topic, too, so maybe some more experienced user will correct me.

From mail at thorsten-alge.de Mon Nov 2 22:30:24 2009
From: mail at thorsten-alge.de (Thorsten Alge)
Date: Mon, 02 Nov 2009 22:30:24 +0100
Subject: Create extra keyring
Message-ID: <1257197425.8049.11.camel@alexandria>

Hi List,

I want to organize a signing party and want to collect the keys in an extra keyring as it is mentioned in the signing party howto. The problem is, I don't know how to create and use the keyring but I also couldn't find anything in the FAQ/Doc/manual or anywhere else. Can anybody help?

Thx,
Thorsten

From wk at gnupg.org Tue Nov 3 20:20:13 2009
From: wk at gnupg.org (Werner Koch)
Date: Tue, 03 Nov 2009 20:20:13 +0100
Subject: Create extra keyring
In-Reply-To: <1257197425.8049.11.camel@alexandria> (Thorsten Alge's message of "Mon, 02 Nov 2009 22:30:24 +0100")
References: <1257197425.8049.11.camel@alexandria>
Message-ID: <877hu7v2j6.fsf@vigenere.g10code.de>

On Mon, 2 Nov 2009 22:30, mail at thorsten-alge.de said:

> problem is, i dont know how to create an use the keyring but i also
> couldnt find anything in the FAQ/Doc/manual or anywhere else. Can
> anybody help?

Import all keys and then:

    gpg --export KEYID1 KEYID2 KEYID3 ... >keyring

As long as you don't use the --armor flag you may also append to a keyring, thus you can do something like:

    : >keyring
    FOO | xargs gpg --export >>keyring

with FOO being a program to generate keyids.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are governed by a federal law.

From wk at gnupg.org Tue Nov 3 21:47:25 2009
From: wk at gnupg.org (Werner Koch)
Date: Tue, 03 Nov 2009 21:47:25 +0100
Subject: tools to test reader's keypad with GnuPG smartcard V2 ?
In-Reply-To: <991461084.10702611255978537729.JavaMail.root@zimbra7-e1.priv.proxad.net> (tux tsndcb's message of "Mon, 19 Oct 2009 20:55:37 +0200 (CEST)")
References: <991461084.10702611255978537729.JavaMail.root@zimbra7-e1.priv.proxad.net>
Message-ID: <87y6mntjxe.fsf@vigenere.g10code.de>

On Mon, 19 Oct 2009 20:55, tux.tsndcb at free.fr said:

> Could you tell me if you've a debug tools to test reader's keypad with a GnuPG smartcard V2 ?

No I don't have any special tools. I debugged it by changing ccid-driver.c. On a higher level there is gpg-connect-agent:

    > SCD SERIALNO
    OK
    > SCD APDU 00 20 xx xx xx xx xx

and so on. Not very helpful, I guess. Fortunately the v2 cards have a factory reset feature, thus you won't be able to brick the card.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are governed by a federal law.

From snope at snope.org Tue Nov 3 20:17:28 2009
From: snope at snope.org (David Lais)
Date: Tue, 3 Nov 2009 20:17:28 +0100
Subject: FSFE Fellower Card + LUKS on Startup
Message-ID: <200911032017.28349.snope@snope.org>

Hi GnuPG-Users,

I have been testing the FSFE GnuPG smartcard in the past few days and I find it really cool! However, I have some more questions regarding the card.

I have encrypted all of my Linux partitions with LUKS and it works really great. Next, I would like to integrate the GnuPG card into the boot process in order to encrypt or to provide the key file. I found a Howto in the Ubuntu wiki: https://wiki.ubuntu.com/SmartCardLUKSDiskEncryption. However, in this HowTo, they use a MultiFlex Smartcard and load the key file on the card. In the startup process, the keyfile is read out and sent to LUKS. This step is really simple but how can this work with the gnupg smartcard?

I think it is not a problem to decrypt the key file in the startup process, isn't it!? Is it possible to access the card reader (omnikey 4040) and the smartcard via gpg from the initrd ram disk? Has anyone ever tried it in a similar way or are there any alternatives? Finally, is there a HowTo?

I would be very happy for any kind of information.

Thanks,
David

From David.Gray at turpin-distribution.com Wed Nov 4 12:43:42 2009
From: David.Gray at turpin-distribution.com (David Gray)
Date: Wed, 4 Nov 2009 11:43:42 -0000
Subject: gpg.conf
In-Reply-To: <20091102110934.GA4602@rio.matrix>
References: <33CE89420E3A834A82E48C2C747A706102923A69@HERMES.turpin-bg.local> <20091102110934.GA4602@rio.matrix>
Message-ID: <33CE89420E3A834A82E48C2C747A706102923A8D@HERMES.turpin-bg.local>

Hi Michel,

Thanks for the information, most useful.

Regards
David

-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Michel Messerschmidt
Sent: 02 November 2009 11:10
To: gnupg-users at gnupg.org
Subject: Re: gpg.conf

On Mon, Nov 02, 2009 at 10:51:46AM -0000, David Gray wrote:
> Could anyone point me in the right direction for a manual/examples
> on how to edit the gpg.conf file for GnuPG 2.0.12 (GPG 4 Win)?

http://www.gnupg.org/documentation/manuals/gnupg/Invoking-GPG.html#Invoking-GPG

Within this manual you'll find:

###
gpg.conf
    This is the standard configuration file read by gpg2 on startup. It may contain any valid long option; the leading two dashes may not be entered and the option may not be abbreviated. This default name may be changed on the command line (see option --options). You should backup this file.
###

Valid options are listed in
http://www.gnupg.org/documentation/manuals/gnupg/GPG-Options.html#GPG-Options

> I would like to see examples of how to add further keyrings

Use the "keyring" option:

--keyring file
    Add file to the current list of keyrings. If file begins with a tilde and a slash, these are replaced by the $HOME directory. If the filename does not contain a slash, it is assumed to be in the GnuPG home directory ("~/.gnupg" if --homedir or $GNUPGHOME is not used).

    Note that this adds a keyring to the current list. If the intent is to use the specified keyring alone, use --keyring along with --no-default-keyring.

HTH,
Michel

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

From snope at snope.org Wed Nov 4 13:40:48 2009
From: snope at snope.org (David Lais)
Date: Wed, 4 Nov 2009 13:40:48 +0100
Subject: FSFE Fellower Card + LUKS on Startup
In-Reply-To: <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan>
References: <200911032017.28349.snope@snope.org> <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan>
Message-ID: <200911041340.48247.snope@snope.org>

Sorry, I have sent this message only one time. I have no idea why this happened! :-(

On Wednesday, 4 November 2009 13:10:52, gerry_lowry (alliston ontario canada (705) 250-0112) wrote:
> David ..... you are sending this over and over and over ......... I have
> this message 21 times.
>
> What's going on?
>
> Please stop. One copy is enough ... if someone has time to answer your
> question, they will.
>
> Thank you.
>
>
> ----- Original Message -----
> From: "David Lais"
> To: <>
> Sent: Tuesday, November 03, 2009 2:17 PM
> Subject: FSFE Fellower Card + LUKS on Startup
>
>
> Hi GnuPG-Users,
>
> I have been testing the FSFE GnuPG smartcard in the past few days and I
> find it really cool! However, I have some more questions regarding the
> card.
>
> I have encrypted all of my linux partitions with LUKS and it works really
> great. Next, I would like to integrate the GnuPG card into the boot process
> in order to encrypt or to provide the key file. I found a Howto in the
> ubuntu wiki: https://wiki.ubuntu.com/SmartCardLUKSDiskEncryption. However,
> in this HowTo, they use a MultiFlex Smartcard and load the key file on the
> card. In the startup process, the keyfile is read out and sent to LUKS.
> This step is really simple but how can this work with the gnupg smartcard?
>
> I think it is not a problem to decrypt the key file in the startup process,
> isn't it!? Is it possible to access the card reader (omnikey 4040) and the
> smartcard via gpg from the initrd ram disk? Has anyone ever tried it in a
> similar way or are there any alternatives? Finally, is there a HowTo?
>
> I would be very happy for any kind of information.
>
> Thanks,
> David
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

From gerry.lowry at abilitybusinesscomputerservices.com Wed Nov 4 13:10:52 2009
From: gerry.lowry at abilitybusinesscomputerservices.com (gerry_lowry (alliston ontario canada (705) 250-0112))
Date: Wed, 4 Nov 2009 07:10:52 -0500
Subject: FSFE Fellower Card + LUKS on Startup
References: <200911032017.28349.snope@snope.org>
Message-ID: <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan>

David ..... you are sending this over and over and over ......... I have this message 21 times.

What's going on?

Please stop. One copy is enough ... if someone has time to answer your question, they will.

Thank you.

----- Original Message -----
From: "David Lais"
To: <>
Sent: Tuesday, November 03, 2009 2:17 PM
Subject: FSFE Fellower Card + LUKS on Startup

Hi GnuPG-Users,

I have been testing the FSFE GnuPG smartcard in the past few days and I find it really cool! However, I have some more questions regarding the card.

I have encrypted all of my linux partitions with LUKS and it works really great. Next, I would like to integrate the GnuPG card into the boot process in order to encrypt or to provide the key file. I found a Howto in the ubuntu wiki: https://wiki.ubuntu.com/SmartCardLUKSDiskEncryption. However, in this HowTo, they use a MultiFlex Smartcard and load the key file on the card. In the startup process, the keyfile is read out and sent to LUKS. This step is really simple but how can this work with the gnupg smartcard?

I think it is not a problem to decrypt the key file in the startup process, isn't it!? Is it possible to access the card reader (omnikey 4040) and the smartcard via gpg from the initrd ram disk? Has anyone ever tried it in a similar way or are there any alternatives? Finally, is there a HowTo?

I would be very happy for any kind of information.

Thanks,
David

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

From brad at fineby.me.uk Wed Nov 4 14:12:24 2009
From: brad at fineby.me.uk (Brad Rogers)
Date: Wed, 4 Nov 2009 13:12:24 +0000
Subject: FSFE Fellower Card + LUKS on Startup
In-Reply-To: <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan>
References: <200911032017.28349.snope@snope.org> <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan>
Message-ID: <20091104131224.38f8add7@abydos.stargate.org.uk>

On Wed, 4 Nov 2009 07:10:52 -0500
"gerry_lowry \(alliston ontario canada \(705\) 250-0112\)" wrote:

Hello gerry_lowry,

> David ..... you are sending this over and over and over ......... I
> have this message 21 times.

I only got one copy here. Maybe a server somewhere between the ML server and your inbox snafu'd.

-- 
 Regards  _
         / )      "The blindingly obvious is
        / _)rad   never immediately apparent"
Well you tried it just the once and found it alright for kicks
Orgasm Addict - Buzzcocks

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: 

From rjh at sixdemonbag.org Wed Nov 4 15:28:03 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 04 Nov 2009 09:28:03 -0500
Subject: FSFE Fellower Card + LUKS on Startup
In-Reply-To: <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan>
References: <200911032017.28349.snope@snope.org> <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan>
Message-ID: <4AF18F73.5010000@sixdemonbag.org>

gerry_lowry (alliston ontario canada (705) 250-0112) wrote:
> David ..... you are sending this over and over and over ......... I
> have this message 21 times.
>
> What's going on?
>
> Please stop. One copy is enough ... if someone has time to answer
> your question, they will.

It is likely not his fault. The last two times this has happened it's been because the GnuPG mailing list's server has run out of disk space. The server gets wedged and begins to act out in this particular way.

Let's all take a deep breath, back off, and wait for word from Werner about what happened. And let's especially not dogpile on the newcomer: that's not a very nice thing to do.

The last time the mailing list got wedged like this, I was the one who wrote the email that got sent out dozens of times. You'd be appalled at how many rude, profane and offensive messages I received from people telling me to stop spamming the list.

From gerry.lowry at abilitybusinesscomputerservices.com Wed Nov 4 15:39:53 2009
From: gerry.lowry at abilitybusinesscomputerservices.com (gerry_lowry (alliston ontario canada (705) 250-0112))
Date: Wed, 4 Nov 2009 09:39:53 -0500
Subject: FSFE Fellower Card + LUKS on Startup
References: <200911032017.28349.snope@snope.org> <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan> <4AF18F73.5010000@sixdemonbag.org>
Message-ID: <73AB0C2C4DE44512A2BE037DE8393F29@zentrumvegan>

I do hope I was not perceived as being rude. I was not intending to be rude.

"Robert J. Hansen" wrote in part:

    . You'd be appalled at how many rude, profane and offensive messages I received from people telling me to stop spamming the list.

Yes, appalled but not surprised. Given the stress level of most of us, I'm not surprised that some people sometimes react in unkind ways.

Thank you, Robert, for reminding us to be patient and understanding.

Gerry

Free Appointment Reminders: https://www.apprem.com
Resume: http://gerrylowryprogrammer.com

From wk at gnupg.org Wed Nov 4 16:03:00 2009
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Nov 2009 16:03:00 +0100
Subject: FSFE Fellower Card + LUKS on Startup
In-Reply-To: <4AF18F73.5010000@sixdemonbag.org> (Robert J. Hansen's message of "Wed, 04 Nov 2009 09:28:03 -0500")
References: <200911032017.28349.snope@snope.org> <802328AB63C94EA081ABDF6BA3DB3F0F@zentrumvegan> <4AF18F73.5010000@sixdemonbag.org>
Message-ID: <87zl72qqmz.fsf@vigenere.g10code.de>

On Wed, 4 Nov 2009 15:28, rjh at sixdemonbag.org said:

> It is likely not his fault. The last two times this has happened it's
> been because the GnuPG mailing list's server has run out of disk space.

Exactly.

> The server gets wedged and begins to act out in this particular way.

Mailman figures that it was not able to send a message and retries it every hour. If Exim does not need to spool it, it sends it out to some sites but returns an error, and Mailman does not know which messages have been delivered. Mailman then restarts from scratch the next hour.

The deeper cause of this problem is that this Mailman does not log to the same partition as Exim and thus is not affected by the disk full error.

Right, I should do something about it. Unfortunately it always happens over the weekend or in the night. No 24/7 service for gnupg.org.

Sorry,

   Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From ph at sevencs.com Wed Nov 4 16:34:13 2009
From: ph at sevencs.com (Knud Pehrs)
Date: Wed, 4 Nov 2009 16:34:13 +0100
Subject: Signature check with libgpgme-11.dll
Message-ID: <35932AA3CBC336449141A46A9F0FAF3D2FD7A2@BARNEY.sevencs.net>

Hello!

I have a problem using the functions of libgpgme-11.dll in my application.

I have downloaded the gnupg-1.4.10, libgpg-error-1.7 and gpg_MadeEasy_1.1.8. All three packages were installed to c:\usr\local\bin

The gnupg-1.4.10 and libgpg-error-1.7 were built with ./configure, make, make install. I have patched the gnupg-1.4.10 as described by Carlo Luciano Bianco.

The gpg_MadeEasy_1.1.8 was configured with

    ./configure --prefix=c:/usr/local --enable-static --with-gpg=c:/usr/local --without-gpgsm

and built with make and make install.

To build the libraries I used MINGW32. My operating system is WinXP and Visual Studio 2005 (C++).

In my application I load the libgpgme-11.dll via LoadLibrary(...).

I init GPGME like:

    GPGSETLOCALE pSetLocale = (GPGSETLOCALE) GetProcAddress( hMod, "gpgme_set_locale" );
    if( pSetLocale != NULL )
    {
        GPGVERSIONCHK pVersionChk = (GPGVERSIONCHK) GetProcAddress( hMod, "gpgme_check_version" );
        if( pVersionChk != NULL )
        {
            setlocale( LC_ALL, "" );
            pVersionChk( NULL );                                        // gpgme_check_version
            pSetLocale( NULL, LC_CTYPE, setlocale( LC_CTYPE, NULL ) );  // gpgme_set_locale
        }

        GPGSETENGINEINFO pSetEngineInfo = (GPGSETENGINEINFO) GetProcAddress( hMod, "gpgme_set_engine_info" );
        if( pSetEngineInfo != NULL )
        {
            // gpgme_set_engine_info( protocol, file_name, home_dir )
            gpgme_error_t error = pSetEngineInfo( GPGME_PROTOCOL_OpenPGP, "gpg.exe", "C:/usr/local/bin" );
            if( error != GPG_ERR_NO_ERROR )
            {
                freeResult = FreeLibrary( hMod );   // free the DLL module
                return false;
            }
        }
    }

I init CTX like:

    // *** INIT CTX ***
    GPGNEWDATA pNewData = (GPGNEWDATA) GetProcAddress( hMod, "gpgme_new" );
    if( pNewData != NULL )
    {
        gpgme_error_t error = pNewData( &ctx );
        if( error != GPG_ERR_NO_ERROR )
        {
            GPGRELDATA pRelData = (GPGRELDATA) GetProcAddress( hMod, "gpgme_data_release" );
            if( pRelData != NULL )
                pRelData( keydata );
            freeResult = FreeLibrary( hMod );   // free the DLL module
            return false;
        }
    }

I read the public key file like:

    GPGRead pRead = (GPGRead) GetProcAddress( hMod, "gpgme_data_new_from_file" );
    if( pRead != NULL )
    {
        err = pRead( &keydata, cipher_2_asc, 1 );   // Method: gpgme_data_new_from_file
        if( err != GPG_ERR_NO_ERROR )
        {
            // could not create a new data buffer
            GPGRELDATA pRelData = (GPGRELDATA) GetProcAddress( hMod, "gpgme_data_release" );
            if( pRelData != NULL )
                pRelData( keydata );
            freeResult = FreeLibrary( hMod );   // free the DLL module
            return false;
        }
    }

But if I import the public key file into the context CTX like the following code, I get the error 117440662 (invalid crypto engine).

    GPGIMPORT pImport = (GPGIMPORT) GetProcAddress( hMod, "gpgme_op_import" );
    if( pImport != NULL )
    {
        err = pImport( ctx, keydata );   // Method: gpgme_op_import
        if( err != GPG_ERR_NO_ERROR )
        {
            // could not import public key file
            GPGRELDATA pRelData = (GPGRELDATA) GetProcAddress( hMod, "gpgme_data_release" );
            if( pRelData != NULL )
                pRelData( keydata );
            GPGRELCTX pRelCTX = (GPGRELCTX) GetProcAddress( hMod, "gpgme_release" );
            if( pRelCTX != NULL )
                pRelCTX( ctx );
            freeResult = FreeLibrary( hMod );   // free the DLL module
            return false;
        }
    }

If I test the following I get the ErrorCode GPG_ERR_INV_ENGINE:

    GPGENGINECHK pEngineChk = (GPGENGINECHK) GetProcAddress( hMod, "gpgme_engine_check_version" );
    if( pEngineChk != NULL )
    {
        if( pEngineChk( GPGME_PROTOCOL_OpenPGP ) == GPG_ERR_NO_ERROR )
            ...

The version no. of the engine cannot be found but the file_name can.

Do you have any ideas how I can fix this error (compile gnupg-1.4.10 with valid crypto engine)? If you need more details please let me know!

A soon answer would be appreciated!

Thank you very much and best regards
Knud Pehrs

Software-Development
SevenCs GmbH
Ruhrstrasse 90, D-22761 Hamburg
Tel. +49-(0)40 851 72 40
Fax. +49-(0)40 851 72 479
www.sevencs.com
Handelsregister: Amtsgericht Hamburg HRB 102941
Geschäftsführer: John Humphrey

From wk at gnupg.org Wed Nov 4 17:20:50 2009
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Nov 2009 17:20:50 +0100
Subject: FSFE Fellower Card + LUKS on Startup
In-Reply-To: <200911032017.28349.snope@snope.org> (David Lais's message of "Tue, 3 Nov 2009 20:17:28 +0100")
References: <200911032017.28349.snope@snope.org>
Message-ID: <87vdhqqn19.fsf@vigenere.g10code.de>

On Tue, 3 Nov 2009 20:17, snope at snope.org said:

> wiki: https://wiki.ubuntu.com/SmartCardLUKSDiskEncryption. However, in this
> HowTo, they use a MultiFlex Smartcard and load the key file on the card. In
> the startup process, the keyfile is read out and sent to LUKS. This step is
> really simple but how can this work with the gnupg smartcard?

Our card has 4 simple PIN protected data fields which can be used for that. I think it is not fully documented how to access them. Here are some hints:

If all 4 private DOs are set and you start gpg --card-edit, you will see

    Private DO 1 .....: This is private DO 1
    Private DO 2 .....: This is private DO 2

After entering the command "verify", entering your PIN followed by "list" you get:

    Private DO 1 .....: This is private DO 1
    Private DO 2 .....: This is private DO 2
    Private DO 3 .....: This is private DO 3

After entering the command "admin verify", entering your Admin PIN followed by "list" you get:

    Private DO 1 .....: This is private DO 1
    Private DO 2 .....: This is private DO 2
    Private DO 3 .....: This is private DO 3
    Private DO 4 .....: This is private DO 4

Thus you can see that DO 1 and 2 are always readable; thus not usable for your application. DO3 is readable after presenting the PIN and DO4 is readable after presenting the Admin PIN.

Now let us change a DO:

    Command> privatedo 1
    Private DO data: Changed DO 1
    >

You had to enter your PIN for that to work. With DO2 you need the Admin PIN. Same goes for DO3 (PIN) and DO4 (Admin PIN). Thus for your application I suggest to use DO3. You may store up to 254 bytes there (some cards even more).
You may also read data in from a file:

    Command> privatedo 1

    scd getattr PRIVATE-DO-1
    S PRIVATE-DO-1 Changed+DO+1
    OK

If you would have asked for DO3, the Pinentry would have popped up and asked you for the PIN. With scdaemon you leave out the "scd " but you must be prepared to return the PIN on request (as reply to an INQUIRE line).

> I think it is not a problem to decrypt the key file in the startup process,
> isn't it!? Is it possible to access the card reader (omnikey 4040) and the
> smartcard via gpg from the initrd ram disk? Has anyone ever tried it in a

I have no experience with initrd.

Another option would be to wait a while and use the new g13 tool which is part of the new development branch of GnuPG. It is fully integrated into GnuPG and provides a platform independent replacement for LUKS. For now only Encfs is supported but the system is designed to support all kinds of backends (even one on top of LUKS is possible). The advantage of G13 is that you use real public key cryptography and thus your actual private key never leaves the card - it is only used to encrypt the bulk encryption key(s).

Shalom-Salam,

   Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From dshaw at jabberwocky.com Wed Nov 4 19:34:49 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed, 4 Nov 2009 13:34:49 -0500
Subject: Interesting article on password guessing via cloud computing
Message-ID: <051C6C6D-F540-4024-A9BB-59C78B0C1C7B@jabberwocky.com>

http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html

This is not, of course, an OpenPGP "crack", but rather high-speed password guessing. The nice thing about cloud password guessing is it enables people to spin up massive cracking farms without actually having to manage the racks and racks of running hardware.

David

From josselin.jacquard at gmail.com Wed Nov 4 21:33:28 2009
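Added example for Werner Koch's card-edit / "scd getattr PRIVATE-DO-n" walkthrough earlier in this thread (it is not GnuPG code and was not posted on the list): a small decoder for the status lines scdaemon returns when a private DO is read back, the kind of thing an initrd hook would need before handing DO3's bytes to LUKS. Assumptions: the value in the "S PRIVATE-DO-n ..." line is escaped the way the thread shows ('+' for a space, as in "Changed+DO+1") plus assuan's "%XX" byte escape, and a PIN request arrives as an "INQUIRE ..." line that the caller must answer before an "OK" follows. The transcript at the bottom is constructed after the one in Werner's mail.

```python
"""Decode scdaemon replies for the OpenPGP card's private data objects (DOs)."""
from dataclasses import dataclass, field
from typing import Optional

DO_MAX_BYTES = 254  # Werner: "up to 254 bytes there (some cards even more)"

# Access rules from Werner's message: (PIN needed to read, PIN needed to write).
DO_ACCESS = {
    1: (None, "PIN"),
    2: (None, "Admin PIN"),
    3: ("PIN", "PIN"),
    4: ("Admin PIN", "Admin PIN"),
}


def usable_for_secret(do_number: int) -> bool:
    """Only a DO whose *read* needs a PIN can hold a disk key (DO 3 or DO 4)."""
    return DO_ACCESS[do_number][0] is not None


def decode_assuan_value(text: str) -> bytes:
    """Undo '+' (space) and '%XX' (arbitrary byte) escaping of a status-line value."""
    out = bytearray()
    i = 0
    while i < len(text):
        c = text[i]
        if c == "+":
            out.append(0x20)
            i += 1
        elif c == "%":
            if i + 3 > len(text):
                raise ValueError("truncated %XX escape")
            out.append(int(text[i + 1:i + 3], 16))
            i += 3
        else:
            out += c.encode("latin-1")
            i += 1
    return bytes(out)


def encode_assuan_value(data: bytes) -> str:
    """Inverse of decode_assuan_value: space -> '+', '%', '+', CR, LF and non-printables -> '%XX'."""
    parts = []
    for b in data:
        if b == 0x20:
            parts.append("+")
        elif b in (0x25, 0x2B, 0x0D, 0x0A) or b < 0x20 or b > 0x7E:
            parts.append("%%%02X" % b)
        else:
            parts.append(chr(b))
    return "".join(parts)


def fits_in_do(data: bytes) -> bool:
    """Size check before writing a key file into a DO."""
    return len(data) <= DO_MAX_BYTES


@dataclass
class CardReply:
    ok: bool = False
    attrs: dict = field(default_factory=dict)  # keyword -> decoded bytes
    inquire: Optional[str] = None              # set when the card asked for a PIN
    error: Optional[str] = None


def parse_reply(lines) -> CardReply:
    """Walk the lines returned for 'getattr PRIVATE-DO-n' until OK or ERR."""
    reply = CardReply()
    for raw in lines:
        line = raw.rstrip("\r\n")
        if line.startswith("S "):
            parts = line.split(" ", 2)
            value = decode_assuan_value(parts[2]) if len(parts) == 3 else b""
            reply.attrs[parts[1]] = value
        elif line.startswith("INQUIRE "):
            reply.inquire = line[len("INQUIRE "):]  # assumption: PIN request; answer with D <pin> / END
        elif line == "OK":
            reply.ok = True
            break
        elif line.startswith("ERR "):
            reply.error = line[4:]
            break
    return reply


def read_private_do(lines, do_number: int) -> bytes:
    """Return DO n's bytes from a reply; an unanswered INQUIRE or an ERR is never treated as data."""
    reply = parse_reply(lines)
    if reply.inquire is not None and not reply.ok:
        raise PermissionError("card wants a PIN: " + reply.inquire)
    if not reply.ok:
        raise RuntimeError(reply.error or "no OK from scdaemon")
    return reply.attrs.get("PRIVATE-DO-%d" % do_number, b"")


# Constructed transcript, modelled on the one in Werner's message.
SAMPLE_REPLY = ["S PRIVATE-DO-1 Changed+DO+1", "OK"]

if __name__ == "__main__":
    print(read_private_do(SAMPLE_REPLY, 1))
```

Feed the decoded bytes of DO3 straight to the LUKS key slot; keep the size check on the write side, since a value longer than the card accepts fails only when you try to store it.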
From: josselin.jacquard at gmail.com (Josselin Jacquard)
Date: Wed, 4 Nov 2009 21:33:28 +0100
Subject: Interesting article on password guessing via cloud computing
In-Reply-To: <051C6C6D-F540-4024-A9BB-59C78B0C1C7B@jabberwocky.com>
References: <051C6C6D-F540-4024-A9BB-59C78B0C1C7B@jabberwocky.com>
Message-ID: <8fc486710911041233sa45eb69nbf89e4dc36eb4529@mail.gmail.com>

Yes, but you're supposed to pay to use resources on a cloud system, aren't you? Is it usable computing for free?

2009/11/4 David Shaw

> http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html
>
> This is not, of course, an OpenPGP "crack", but rather high-speed password
> guessing. The nice thing about cloud password guessing is it enables people
> to spin up massive cracking farms without actually having to manage the
> racks and racks of running hardware.
>
> David

From dshaw at jabberwocky.com Thu Nov 5 02:03:36 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed, 4 Nov 2009 20:03:36 -0500
Subject: Interesting article on password guessing via cloud computing
In-Reply-To: <8fc486710911041233sa45eb69nbf89e4dc36eb4529@mail.gmail.com>
References: <051C6C6D-F540-4024-A9BB-59C78B0C1C7B@jabberwocky.com> <8fc486710911041233sa45eb69nbf89e4dc36eb4529@mail.gmail.com>
Message-ID: <46E55BDC-0C96-4FD3-9339-92C7E9DE0543@jabberwocky.com>

On Nov 4, 2009, at 3:33 PM, Josselin Jacquard wrote:

> Yes but you're supposed to pay to use resources on a cloud system,
> aren't you? Is it usable computing for free?

Of course not. Where did anyone say it was free? I said "The nice thing about cloud password guessing is it enables people to spin up massive cracking farms without actually having to manage the racks and racks of running hardware."

Running hundreds of machines is difficult and expensive in terms of the physical plant: lots of racks, lots of cooling, lots of electricity, lots of management. Amazon does all that for you (and charges you for it, of course). Given Amazon's size, they can generally do the messy part of managing hundreds of machines (especially since they are virtual machines) cheaper than you can.

David

From vedaal at hush.com Thu Nov 5 16:05:19 2009
From: vedaal at hush.com (vedaal at hush.com)
Date: Thu, 05 Nov 2009 10:05:19 -0500
Subject: Interesting article on password guessing via cloud computing
Message-ID: <20091105150519.C76832803F@smtp.hushmail.com>

David Shaw wrote on 2009-11-04 18:34:49 :

> This is not, of course, an OpenPGP "crack", but rather high-speed
> password guessing.

a trivial way to defeat this, would be to provide each client with a pgp keypair, (physically presented to the client upon the initial transaction agreement), and then encrypt the zipfile to a key and not even use a passphrase

what would be even more interesting, is if it could be done in a way that truecrypt uses to protect its encrypted volumes, where the user can choose to use a keyfile as well as a passphrase, but it cannot be determined before decryption if a keyfile, passphrase, both or only one, has been used

so, imagine if a client has a zipfile encrypted to both a trivial password and to a pgp key, and it is not determinable from the encrypted file itself, if it was encrypted to a key as well, all the cloud computing resources available will merrily spin themselves into exhaustion until they decide that the passphrase is 'probably too long and complex to crack'

vedaal

From rjh at sixdemonbag.org Thu Nov 5 17:59:33 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 05 Nov 2009 11:59:33 -0500
Subject: Interesting article on password guessing via cloud computing
In-Reply-To: <20091105150519.C76832803F@smtp.hushmail.com>
References: <20091105150519.C76832803F@smtp.hushmail.com>
Message-ID: <4AF30475.1060002@sixdemonbag.org>

vedaal at hush.com wrote:
> a trivial way to defeat this,

An even more trivial way is to use a strong passphrase. It's generally wise to use the smallest hammer necessary to drive in the nail.

From wk at gnupg.org Thu Nov 5 21:04:27 2009
From: wk at gnupg.org (Werner Koch)
Date: Thu, 05 Nov 2009 21:04:27 +0100
Subject: gpg-error.h possible(?) syntax error: #define GPG_ERR_SYSTEM_ERROR (1 << 15)
In-Reply-To: <143041db0911010204k60ca4b7cn214dc03447f09c8c@mail.gmail.com> (Hedge Hog's message of "Sun, 1 Nov 2009 21:04:55 +1100")
References: <143041db0911010204k60ca4b7cn214dc03447f09c8c@mail.gmail.com>
Message-ID: <87my30pwl0.fsf@vigenere.g10code.de>

On Sun, 1 Nov 2009 11:04, hedgehogshiatus at gmail.com said:

> It is not clear to me if this is an problem with gpg-error.h or swig.

The same code with some context:

    typedef enum
      {
        GPG_ERR_NO_ERROR = 0,
        GPG_ERR_GENERAL = 1,
        [...]
        GPG_ERR_EOF = 16383,

        /* The following error codes are used to map system errors.  */
    #define GPG_ERR_SYSTEM_ERROR (1 << 15)
        GPG_ERR_E2BIG = GPG_ERR_SYSTEM_ERROR | 0,
        GPG_ERR_EACCES = GPG_ERR_SYSTEM_ERROR | 1,
        [...]

        /* This is one more than the largest allowed entry.  */
        GPG_ERR_CODE_DIM = 65536
      } gpg_err_code_t;

Swig seems to tumble over the #define preprocessor directive within a typedef for an enum. That is clearly a swig problem. To fix this you may run (a working) cpp over gpg-error.h and pass its output to swig. ("cpp gpg-error.h >gpg-error.i")

Shalom-Salam,

   Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From ph at sevencs.com Fri Nov 6 13:51:28 2009
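Added illustration of Werner's advice above ("cpp gpg-error.h >gpg-error.i"), not code from libgpg-error, swig or the list: a tiny expander for object-like macros that does, for this fragment, what cpp does (the directive disappears and GPG_ERR_SYSTEM_ERROR is substituted), followed by an enumerator evaluator so the resulting error codes can be checked. The header text is constructed from the fragment Werner quoted, with his "[...]" elisions left out; the bit-15 check mirrors the "(1 << 15)" definition in that fragment.

```python
"""Preprocess a '#define' inside a typedef enum the way cpp would, then evaluate the enum."""
import ast
import operator
import re

# Constructed from the gpg-error.h fragment quoted in the thread (elided entries omitted).
HEADER = """\
typedef enum
  {
    GPG_ERR_NO_ERROR = 0,
    GPG_ERR_GENERAL = 1,
    GPG_ERR_EOF = 16383,

    /* The following error codes are used to map system errors.  */
#define GPG_ERR_SYSTEM_ERROR (1 << 15)
    GPG_ERR_E2BIG = GPG_ERR_SYSTEM_ERROR | 0,
    GPG_ERR_EACCES = GPG_ERR_SYSTEM_ERROR | 1,

    /* This is one more than the largest allowed entry.  */
    GPG_ERR_CODE_DIM = 65536
  } gpg_err_code_t;
"""

_DEFINE = re.compile(r"^\s*#\s*define\s+(\w+)\s+(.*?)\s*$")


def expand_object_macros(src: str) -> str:
    """Drop '#define NAME body' lines and substitute NAME elsewhere (object-like macros only)."""
    macros = {}
    kept = []
    for line in src.splitlines():
        m = _DEFINE.match(line)
        if m:
            macros[m.group(1)] = m.group(2)
            continue  # the directive itself disappears, exactly as after cpp
        kept.append(line)
    text = "\n".join(kept) + "\n"
    for name, body in macros.items():
        text = re.sub(r"\b%s\b" % re.escape(name), lambda _m, b=body: b, text)
    return text


_OPS = {ast.LShift: operator.lshift, ast.RShift: operator.rshift,
        ast.BitOr: operator.or_, ast.BitAnd: operator.and_,
        ast.Add: operator.add, ast.Sub: operator.sub}


def _eval_const(node, env):
    """Evaluate an integer constant expression without eval(): literals, names, a few binary ops."""
    if isinstance(node, ast.Expression):
        return _eval_const(node.body, env)
    if isinstance(node, ast.Constant) and isinstance(node.value, int):
        return node.value
    if isinstance(node, ast.Name):
        return env[node.id]
    if isinstance(node, ast.BinOp) and type(node.op) in _OPS:
        return _OPS[type(node.op)](_eval_const(node.left, env), _eval_const(node.right, env))
    raise ValueError("unsupported constant expression: " + ast.dump(node))


def enum_values(preprocessed: str) -> dict:
    """Assign values to the enumerators of the first 'enum { ... }' in the text."""
    body = re.search(r"enum\s*\{(.*?)\}", preprocessed, re.S).group(1)
    body = re.sub(r"/\*.*?\*/", "", body, flags=re.S)  # strip C comments
    values, next_value = {}, 0
    for item in body.split(","):
        item = item.strip()
        if not item:
            continue
        if "=" in item:
            name, expr = (s.strip() for s in item.split("=", 1))
            value = _eval_const(ast.parse(expr, mode="eval"), values)
        else:
            name, value = item, next_value  # implicit: previous value + 1
        values[name] = value
        next_value = value + 1
    return values


SYSTEM_ERROR_BIT = 1 << 15  # GPG_ERR_SYSTEM_ERROR in the header


def is_system_error(code: int) -> bool:
    """Codes with bit 15 set are mapped errno values, not native gpg-error codes."""
    return bool(code & SYSTEM_ERROR_BIT)


if __name__ == "__main__":
    for name, value in enum_values(expand_object_macros(HEADER)).items():
        print("%-22s = %6d  system_error=%s" % (name, value, is_system_error(value)))
```

On a real build use cpp itself, as Werner says; the point of the small expander is to see that the swig-visible input no longer contains a directive inside the enum body and that the system-error codes all land above bit 15.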
From: ph at sevencs.com (Knud Pehrs)
Date: Fri, 6 Nov 2009 13:51:28 +0100
Subject: HELP - IMPORTANT - Signature check with libgpgme-11.dll
Message-ID: <35932AA3CBC336449141A46A9F0FAF3D2FD86A@BARNEY.sevencs.net>

Hello!

I have a problem using the functions of libgpgme-11.dll in my application.

I have downloaded the gnupg-1.4.10, libgpg-error-1.7 and gpg_MadeEasy_1.1.8. All three packages were installed to c:\usr\local\bin

The gnupg-1.4.10 and libgpg-error-1.7 were built with ./configure, make, make install. I have patched the gnupg-1.4.10 as described by Carlo Luciano Bianco.

The gpg_MadeEasy_1.1.8 was configured with

    ./configure --prefix=c:/usr/local --enable-static --with-gpg=c:/usr/local --without-gpgsm

and built with make and make install.

To build the libraries I used MINGW32. My operating system is WinXP and Visual Studio 2005 (C++).

In my application I load the libgpgme-11.dll via LoadLibrary(...).

I init GPGME like:

    GPGSETLOCALE pSetLocale = (GPGSETLOCALE) GetProcAddress( hMod, "gpgme_set_locale" );
    if( pSetLocale != NULL )
    {
        GPGVERSIONCHK pVersionChk = (GPGVERSIONCHK) GetProcAddress( hMod, "gpgme_check_version" );
        if( pVersionChk != NULL )
        {
            setlocale( LC_ALL, "" );
            pVersionChk( NULL );                                        // gpgme_check_version
            pSetLocale( NULL, LC_CTYPE, setlocale( LC_CTYPE, NULL ) );  // gpgme_set_locale
        }

        GPGSETENGINEINFO pSetEngineInfo = (GPGSETENGINEINFO) GetProcAddress( hMod, "gpgme_set_engine_info" );
        if( pSetEngineInfo != NULL )
        {
            // gpgme_set_engine_info( protocol, file_name, home_dir )
            gpgme_error_t error = pSetEngineInfo( GPGME_PROTOCOL_OpenPGP, "gpg.exe", "C:/usr/local/bin" );
            if( error != GPG_ERR_NO_ERROR )
            {
                freeResult = FreeLibrary( hMod );   // free the DLL module
                return false;
            }
        }
    }

I init CTX like:

    // *** INIT CTX ***
    GPGNEWDATA pNewData = (GPGNEWDATA) GetProcAddress( hMod, "gpgme_new" );
    if( pNewData != NULL )
    {
        gpgme_error_t error = pNewData( &ctx );
        if( error != GPG_ERR_NO_ERROR )
        {
            GPGRELDATA pRelData = (GPGRELDATA) GetProcAddress( hMod, "gpgme_data_release" );
            if( pRelData != NULL )
                pRelData( keydata );
            freeResult = FreeLibrary( hMod );   // free the DLL module
            return false;
        }
    }

I read the public key file like:

    GPGRead pRead = (GPGRead) GetProcAddress( hMod, "gpgme_data_new_from_file" );
    if( pRead != NULL )
    {
        err = pRead( &keydata, cipher_2_asc, 1 );   // Method: gpgme_data_new_from_file
        if( err != GPG_ERR_NO_ERROR )
        {
            // could not create a new data buffer
            GPGRELDATA pRelData = (GPGRELDATA) GetProcAddress( hMod, "gpgme_data_release" );
            if( pRelData != NULL )
                pRelData( keydata );
            freeResult = FreeLibrary( hMod );   // free the DLL module
            return false;
        }
    }

But if I import the public key file into the context CTX like the following code, I get the error 117440662 (invalid crypto engine).

    GPGIMPORT pImport = (GPGIMPORT) GetProcAddress( hMod, "gpgme_op_import" );
    if( pImport != NULL )
    {
        err = pImport( ctx, keydata );   // Method: gpgme_op_import
        if( err != GPG_ERR_NO_ERROR )
        {
            // could not import public key file
            GPGRELDATA pRelData = (GPGRELDATA) GetProcAddress( hMod, "gpgme_data_release" );
            if( pRelData != NULL )
                pRelData( keydata );
            GPGRELCTX pRelCTX = (GPGRELCTX) GetProcAddress( hMod, "gpgme_release" );
            if( pRelCTX != NULL )
                pRelCTX( ctx );
            freeResult = FreeLibrary( hMod );   // free the DLL module
            return false;
        }
    }

If I test the following I get the ErrorCode GPG_ERR_INV_ENGINE:

    GPGENGINECHK pEngineChk = (GPGENGINECHK) GetProcAddress( hMod, "gpgme_engine_check_version" );
    if( pEngineChk != NULL )
    {
        if( pEngineChk( GPGME_PROTOCOL_OpenPGP ) == GPG_ERR_NO_ERROR )
            ...

The version no. of the engine cannot be found but the file_name can.

Do you have any ideas how I can fix this error (compile gnupg-1.4.10 with valid crypto engine)? If you need more details please let me know!

I need some help as soon as possible!

Thank you very much and best regards
Knud Pehrs

Software-Development
SevenCs GmbH
Ruhrstrasse 90, D-22761 Hamburg
Tel. +49-(0)40 851 72 40
Fax. +49-(0)40 851 72 479
www.sevencs.com
Handelsregister: Amtsgericht Hamburg HRB 102941
Geschäftsführer: John Humphrey

From ph at sevencs.com Wed Nov 4 14:38:15 2009
From: ph at sevencs.com (Knud Pehrs)
Date: Wed, 4 Nov 2009 14:38:15 +0100
Subject: Signature check with libgpgme-11.dll
Message-ID: <35932AA3CBC336449141A46A9F0FAF3D2FD793@BARNEY.sevencs.net>

Hello!

I have a problem using the functions of libgpgme-11.dll in my application.

I have downloaded the gnupg-1.4.10, libgpg-error-1.7 and gpg_MadeEasy_1.1.8. All three packages were installed to c:\usr\local\bin

The gnupg-1.4.10 and libgpg-error-1.7 were built with ./configure, make, make install.

The gpg_MadeEasy_1.1.8 was configured with

    ./configure --prefix=/usr --enable-static --with-gpg=/usr/bin/gpg --without-gpgsm --disable-largefile --without-pth-test

and built with make and make install.

To build the libraries I used MINGW32. My operating system is WinXP and Visual Studio 2005 (C++).

In my application I load the libgpgme-11.dll via LoadLibrary(...). If I start the app and init the GPGME I always get the same error 117440662 (invalid crypto engine).

Here is my initialization of GPGME:

    GPGSETLOCALE pSetLocale = (GPGSETLOCALE) GetProcAddress( hMod, "gpgme_set_locale" );
    if( pSetLocale != NULL )
    {
        GPGVERSIONCHK pVersionChk = (GPGVERSIONCHK) GetProcAddress( hMod, "gpgme_check_version" );
        if( pVersionChk != NULL )
        {
            setlocale( LC_ALL, "" );
            pVersionChk( NULL );                                        // gpgme_check_version
            pSetLocale( NULL, LC_CTYPE, setlocale( LC_CTYPE, NULL ) );  // gpgme_set_locale
        }

        GPGSETENGINEINFO pSetEngineInfo = (GPGSETENGINEINFO) GetProcAddress( hMod, "gpgme_set_engine_info" );
        if( pSetEngineInfo != NULL )
        {
            // ******** HERE OCCURS THE ERROR 117440662 (invalid crypto engine) **********
            // gpgme_set_engine_info( protocol, file_name, home_dir )
            gpgme_error_t error = pSetEngineInfo( GPGME_PROTOCOL_OpenPGP, "gpg.exe", "C:/usr/local/bin" );
            if( error != GPG_ERR_NO_ERROR )
            {
                freeResult = FreeLibrary( hMod );   // free the DLL module
                return false;
            }
        }
    }

Have you any ideas how I can fix this error and what the reason for this error is? If you need more detailed information please let me know!

A soon answer would be appreciated!

Thank you very much and best regards
Knud Pehrs

Software-Development
SevenCs GmbH
Ruhrstrasse 90, D-22761 Hamburg
Tel. +49-(0)40 851 72 40
Fax. +49-(0)40 851 72 479
www.sevencs.com
Handelsregister: Amtsgericht Hamburg HRB 102941
Geschäftsführer: John Humphrey

From mephisto at fastmail.net Sun Nov 8 01:48:01 2009
From: mephisto at fastmail.net (Kevin Kammer)
Date: Sat, 7 Nov 2009 19:48:01 -0500
Subject: gpg rejects SHA224 with DSA-2048
Message-ID: <20091108004801.GA27985@opensolaris.myhome.westell.com>

If I attempt to create a data signature using a 2048-bit DSA signing key, and the SHA224 hash algorithm, GnuPG complains as follows:

    ~ $ gpg -u A39CE7E5 --digest-algo H11 -b test.txt
    ...
    2048-bit DSA key, ID A39CE7E5, created 2009-11-02 (main key ID 14CA0E78)
    gpg: writing to `test.txt.asc'
    gpg: DSA key A39CE7E5 requires a 256 bit or larger hash
    gpg: signing failed: general error
    ~ $

However, RFC4880 and FIPS186 clearly state:

    ...that DSA be used in one of the following ways:
    ...
    * 2048-bit key, 224-bit q, SHA-224, SHA-256, SHA-384, or SHA-512 hash
    ...

To the best of my knowledge, DSA with a 2048-bit key length only uses 224 bits of hash material. So, even if GnuPG insists that a 256 hash be used, the digest is being truncated to 224 bits anyway. While I realize that the SHA224 algo is essentially the SHA256 algo set to spit out 224 bits--and therefore the difference between invoking SHA224 vs. invoking SHA256 and truncating is essentially academic--it still seems odd that GnuPG would reject SHA224 out of hand. If nothing else, it does not seem to be in keeping with the OpenPGP standard.

Does anybody know why GnuPG rejects SHA224 with 2048-bit DSA signing keys?

From mephisto at fastmail.net Sun Nov 8 03:25:24 2009
From: mephisto at fastmail.net (Kevin Kammer)
Date: Sat, 7 Nov 2009 21:25:24 -0500
Subject: gpg rejects SHA224 with DSA-2048
In-Reply-To: <20091108004801.GA27985@opensolaris.myhome.westell.com>
References: <20091108004801.GA27985@opensolaris.myhome.westell.com>
Message-ID: <20091108022524.GA3474@opensolaris.myhome.westell.com>

On Sat, Nov 07, 2009 at 07:48:01PM -0500 I wrote:
> However, RFC4880 and FIPS186 clearly state:
>
> ...that DSA be used in one of the following ways:
>
> ...
>
> * 2048-bit key, 224-bit q, SHA-224, SHA-256, SHA-384, or SHA-512
> hash
>
> ...
>

I should clarify that I understand the same specification goes on to approve 2048-bit DSA with a 256-bit q, and I may have been mistaken in believing that use of 2048-bit DSA will necessarily truncate the value of q to 224 bits (perhaps someone could enlighten me as to whether or not this happens).

In either case, however, the OpenPGP standard does specify that SHA224 can be used with 2048-bit DSA. So, my question as to why GnuPG refuses that combination still stands. My guess is that perhaps since there is no real advantage to using SHA224 when SHA256 is available, it is simply not implemented. But I would appreciate it if someone with more knowledge were to give me an authoritative answer.

Thanks,
Kevin

--
"Le hasard favorise l'esprit préparé." --Louis Pasteur

From rjh at sixdemonbag.org Sun Nov 8 03:44:23 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 07 Nov 2009 21:44:23 -0500
Subject: gpg rejects SHA224 with DSA-2048
In-Reply-To: <20091108004801.GA27985@opensolaris.myhome.westell.com>
References: <20091108004801.GA27985@opensolaris.myhome.westell.com>
Message-ID: <4AF63087.1080602@sixdemonbag.org>

Kevin Kammer wrote:
> If I attempt to create a data signature using a 2048-bit DSA signing
> key, and the SHA224 hash algorithm, GnuPG complains as follows:
>
> ~ $ gpg -u A39CE7E5 --digest-algo H11 -b test.txt

Your key is not on the keyserver network, so that will impair our ability to help you out with this.

It appears that your key is actually 14CA0E78. To tell it to use a particular subkey, you need to append a "!" to the subkey ID. Otherwise, I believe GnuPG's behavior is to look at the certificate that subkey belongs to, and use the largest signing subkey on that certificate. If you have a 3072-bit signing subkey on 14CA0E78, this would explain your problem.

Try:

    ~ $ gpg -u A39CE7E5! --digest-algo H11 -b test.txt

From mephisto at fastmail.net Sun Nov 8 04:24:12 2009
From: mephisto at fastmail.net (Kevin Kammer)
Date: Sat, 7 Nov 2009 22:24:12 -0500
Subject: gpg rejects SHA224 with DSA-2048
In-Reply-To: <4AF63087.1080602@sixdemonbag.org>
References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org>
Message-ID: <20091108032412.GA6188@opensolaris.myhome.westell.com>

On Sat, Nov 07, 2009 at 09:44:23PM -0500 Also sprach Robert J. Hansen:
> Kevin Kammer wrote:
> > If I attempt to create a data signature using a 2048-bit DSA signing
> > key, and the SHA224 hash algorithm, GnuPG complains as follows:
> >
> > ~ $ gpg -u A39CE7E5 --digest-algo H11 -b test.txt
>
> Your key is not on the keyserver network, so that will impair our
> ability to help you out with this.
>
> It appears that your key is actually 14CA0E78. To tell it to use a
> particular subkey, you need to append a "!" to the subkey ID.
> Otherwise, I believe GnuPG's behavior is to look at the certificate that
> subkey belongs to, and use the largest signing subkey on that
> certificate. If you have a 3072-bit signing subkey on 14CA0E78, this
> would explain your problem.
>
> Try:
>
> ~ $ gpg -u A39CE7E5! --digest-algo H11 -b test.txt
>

My fault for not including the complete shell output from the command, but GnuPG does indicate that it is using 2048-bit subkey A39CE7E5.

I had already tried it with "!" just to be sure, but the result was the same, as is the result of attempting this with a 2048-bit primary key.

Regardless of whether it is a sub-key or a primary, GnuPG just seems to mandate the use of SHA256 with 2048-bit DSA. This is not necessarily a bad thing, but it is not "by the book," so I am trying to ascertain why.

From marelovic at gmail.com Sun Nov 8 16:24:01 2009
From: marelovic at gmail.com (Marko Randjelovic)
Date: Sun, 8 Nov 2009 16:24:01 +0100
Subject: I am sure I did not forget my passphrase
Message-ID: <34a893b70911080724i6b688d4w48fcd58f62e0bc0d@mail.gmail.com>

What I know is simple. I created a key today and tried signing one file with it, and it worked. Now, a few hours later, I cannot do anything, and the message is "wrong passphrase". I checked the mod. time of the secret keyring and it looks like it was not modified in the meantime.

I am really confused; I am sure I have not modified my passphrase, nor forgotten it, but it simply does not work anymore.

Is there a way to check if the secret key info was modified?

From dion at thinkmoult.com Sun Nov 8 17:19:22 2009
From: dion at thinkmoult.com (Dion Moult)
Date: Mon, 9 Nov 2009 00:19:22 +0800
Subject: Finding key ID of a keypair
Message-ID: <200911090019.33301.dion@thinkmoult.com>

Hello,

I've got myself a DSA keypair, just two files - one being the public key and the other being the private. I'm trying to find out the ID of that keypair. However this keypair doesn't show up when I do gpg --list-keys. It's passphraseless, it's DSA, and that's pretty much all I know. I made it quite a long time ago, perhaps through ssh-keygen. Is there perhaps a way to add it to the --list-keys list or find out the keypair ID through an alternative method?

--
Dion Moult :-)

From kloecker at kde.org Sun Nov 8 18:21:16 2009
From: kloecker at kde.org (Ingo Klöcker)
Date: Sun, 08 Nov 2009 18:21:16 +0100
Subject: I am sure I did not forget my passphrase
In-Reply-To: <34a893b70911080724i6b688d4w48fcd58f62e0bc0d@mail.gmail.com>
References: <34a893b70911080724i6b688d4w48fcd58f62e0bc0d@mail.gmail.com>
Message-ID: <200911081821.17297@thufir.ingo-kloecker.de>

On Sunday 08 November 2009, Marko Randjelovic wrote:
> What I know is simple. I created a key today and tried it signing one
> file and it worked. Now, few hours later, I cannot do anything, and a
> message is wrong passphrase. I checked mod.time of secret keyring and
> it looks like was not modified in meanwhile.
>
> I am really confused, sure not have modified my passphrase, nor
> forget it, but it simply does not work anymore.
>
> Is there a way to check if secret key info was modified?

Do you use multiple keyboard layouts? If yes, then maybe you used another keyboard layout when you created the key.

Regards,
Ingo

From htd at fritha.org Sun Nov 8 17:52:37 2009
From: htd at fritha.org (Heinz Diehl)
Date: Sun, 8 Nov 2009 17:52:37 +0100
Subject: Algorithm used to encrypt
Message-ID: <20091108165237.GA21142@fritha.org>

Hi,

seems I'm just too stupid today to find what's maybe obvious: given an ascii armored gpg encrypted file, how can I find out what algorithm has been used to encrypt the file?

Thanks,
Heinz.

From marelovic at gmail.com Sun Nov 8 19:01:27 2009
From: marelovic at gmail.com (Marko Randjelovic)
Date: Sun, 8 Nov 2009 19:01:27 +0100
Subject: I am sure I did not forget my passphrase
In-Reply-To: <200911081821.17297@thufir.ingo-kloecker.de>
References: <34a893b70911080724i6b688d4w48fcd58f62e0bc0d@mail.gmail.com> <200911081821.17297@thufir.ingo-kloecker.de>
Message-ID: <34a893b70911081001g46422628lb786b1c80887a707@mail.gmail.com>

I made sure, both when creating the keys and when trying to use them, to have the US keyboard layout and CAPS LOCK off. After the failures, I tried turning on CAPS and changing the layout, with no success.

But I found errors in /var/log/messages regarding sda/hda. sda is the HDD and hda is the DVD.

    Nov 8 14:12:18 main kernel: [ 5.798351] sda:hda: packet command error: tatus=0x51 { DriveReady SeekComplete Error }
    Nov 8 14:44:00 main kernel: [ 6.384317] sda:hda: packet command error: tatus=0x51 { DriveReady SeekComplete Error }

The second error is probably from after the key got corrupted. Is there a significant probability that the key got corrupted, since it is only one error?

2009/11/8 Ingo Klöcker

> On Sunday 08 November 2009, Marko Randjelovic wrote:
> > What I know is simple. I created a key today and tried it signing one
> > file and it worked. Now, few hours later, I cannot do anything, and a
> > message is wrong passphrase. I checked mod.time of secret keyring and
> > it looks like was not modified in meanwhile.
> >
> > I am really confused, sure not have modified my passphrase, nor
> > forget it, but it simply does not work anymore.
> >
> > Is there a way to check if secret key info was modified?
>
> Do you use multiple keyboard layouts? If yes, then maybe you used
> another keyboard layout when you created the key.
>
>
> Regards,
> Ingo

From dshaw at jabberwocky.com Mon Nov 9 03:46:08 2009
From: dshaw at jabberwocky.com (David Shaw) Date: Sun, 8 Nov 2009 21:46:08 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: <20091108032412.GA6188@opensolaris.myhome.westell.com> References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> Message-ID: On Nov 7, 2009, at 10:24 PM, Kevin Kammer wrote: > On Sat, Nov 07, 2009 at 09:44:23PM -0500 > Also sprach Robert J. Hansen: >> Kevin Kammer wrote: >>> If I attempt to create a data signature using a 2048-bit DSA signing >>> key, and the SHA224 hash algorithm, GnuPG complains as follows: >>> >>> ~ $ gpg -u A39CE7E5 --digest-algo H11 -b test.txt >> >> Your key is not on the keyserver network, so that will impair our >> ability to help you out with this. >> >> It appears that your key is actually 14CA0E78. To tell it to use a >> particular subkey, you need to append a "!" to the subkey ID. >> Otherwise, I believe GnuPG's behavior is to look at the certificate >> that >> subkey belongs to, and use the largest signing subkey on that >> certificate. If you have a 3072-bit signing subkey on 14CA0E78, this >> would explain your problem. >> >> Try: >> >> ~ $ gpg -u A39CE7E5! --digest-algo H11 -b test.txt >> >> > > My fault for not including the complete shell output from the command, > but GnuPG does indicate that it is using 2048-bit subkey A39CE7E5. > > I had already tried it with "!" just to be sure, but the result was > the > same, as is the result of attempting this with a 2048-bit primary key. > > Regardless of whether it is a sub-key or a primary, GnuPG just seems > to > mandate the use of SHA256 with 2048-bit DSA. This is not necessarily a > bad thing, but it is not "by the book," so I am trying to ascertain > why. That's not quite how it works. What matters here is how the key was generated in the first place. One of the numbers used to generate a DSA key is known as "q". 
In DSA, the size of q is what controls the size of the hash that will be used with the key. This value is set at key generation time, and cannot be changed (it's part of the key). It has no strong relationship to the overall key size, so in theory, you could have a 2048-bit DSA key that uses an 8-bit hash. Of course, that would make for pretty poor signatures, so the DSA spec (and OpenPGP spec in turn) give some guidelines as to what hashes should be used for a given key size. For a 2048-bit key, you can choose either a 224 or 256 bit q. So, let's say you had a 2048-bit key, and the program you used to generate it chose a 256-bit q size. This key would allow a 256-bit hash. A 224-bit hash is impossible (too small). If you had a 2048-bit key and the program you used to generate it chose a 224-bit q size, this key would then allow a 224-bit hash. A hash larger than 224 bits is allowable as well, but would be truncated down to 224 bits to fit. The problem you are having is that whatever program generated your key chose a 256-bit q size. That parameter, chosen at key generation time, not GPG at signing time, is what is preventing you from using SHA-224. So the real question here is why did your program generate a DSA key with a 256-bit q, when a 224-bit q would have been equally acceptable according to the spec? As you say, they are both legal. The answer there is that while both are legal, a 256-bit q is slightly stronger as it allows a larger hash to be used. Both PGP and GPG use a 256-bit q for a 2048-bit key. However, if you managed to generate a 2048-bit key with a 224-bit q (as earlier versions of GPG did), all versions of GPG would (correctly) allow the use of SHA-224 with this key. David From rjh at sixdemonbag.org Mon Nov 9 04:17:52 2009
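Worked example added by the editor; it is not code from the thread or from GnuPG. It applies the q-size rules David lays out above to concrete digests: a digest shorter than q is refused outright, a longer digest is truncated to its leftmost q bits (FIPS 186-3 section 4.6 and RFC 4880 section 13.6 both specify "leftmost"). The FIPS 186-3 (L, N) pairs and the key-size to q-size mapping are the ones quoted from g10/keygen.c later in this thread; the hash IDs (H2, H8, H11, ...) are the numeric forms gpg accepts with --digest-algo.

```python
"""Added example (editor's code, not from the thread or GnuPG): the DSA
q-size rules from the message above, applied to real digests."""
import hashlib

# OpenPGP hash algorithm IDs as gpg accepts them with --digest-algo (RFC 4880
# section 9.4), mapped to hashlib names and digest sizes in bits.
OPENPGP_HASHES = {
    "H2": ("sha1", 160),
    "H8": ("sha256", 256),
    "H9": ("sha384", 384),
    "H10": ("sha512", 512),
    "H11": ("sha224", 224),
}

# (L, N) = (key size, q size) pairs FIPS 186-3 permits for DSA.
FIPS_186_3_PAIRS = {(1024, 160), (2048, 224), (2048, 256), (3072, 256)}


def gnupg_qbits_for_nbits(nbits):
    """q size chosen at key generation by GnuPG 1.4.10 / 2.0.13 (per keygen.c as
    quoted in this thread): 256 above 2047 bits, 224 for 1025..2047, else 160."""
    if nbits > 2047:
        return 256
    if nbits > 1024:
        return 224
    return 160


def hash_allowed(qbits, hash_id):
    """A digest shorter than q cannot be used with the key at all."""
    return OPENPGP_HASHES[hash_id][1] >= qbits


def check_dsa_hash(qbits, hash_id):
    """Return the number of digest bits that will actually be signed.

    Too-small digests are rejected (the 'impossible (too small)' case); larger
    digests are truncated to q bits, so the return value is min(outlen, N)."""
    name, digest_bits = OPENPGP_HASHES[hash_id]
    if not hash_allowed(qbits, hash_id):
        raise ValueError(
            f"{name} ({digest_bits} bits) is too small for a {qbits}-bit q")
    return min(digest_bits, qbits)


def dsa_hash_value(qbits, hash_id, message):
    """Hash the message and form the integer DSA signs: the leftmost
    min(N, outlen) bits of the digest (FIPS 186-3 4.6, RFC 4880 13.6)."""
    name, digest_bits = OPENPGP_HASHES[hash_id]
    used_bits = check_dsa_hash(qbits, hash_id)
    digest = hashlib.new(name, message).digest()
    # Big-endian integer; shifting right drops the rightmost surplus bits,
    # which leaves exactly the leftmost used_bits bits.
    return int.from_bytes(digest, "big") >> (digest_bits - used_bits)


if __name__ == "__main__":
    # The situation in the thread: a 2048-bit key generated with a 256-bit q.
    q = gnupg_qbits_for_nbits(2048)
    print("2048-bit key, q =", q, "bits; SHA-224 allowed:", hash_allowed(q, "H11"))
    # The same key size generated with a 224-bit q (as older GnuPG did).
    print("2048-bit key, q = 224 bits; SHA-224 allowed:", hash_allowed(224, "H11"))
    print("SHA-256 on a 224-bit q is cut to at most",
          dsa_hash_value(224, "H8", b"abc").bit_length(), "bits")
```

With a 256-bit q, check_dsa_hash raises for H11 (SHA-224), which is the refusal Kevin hit; with a 224-bit q the same call succeeds, and a SHA-256 digest is cut to its leftmost 224 bits before signing.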
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sun, 08 Nov 2009 22:17:52 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> Message-ID: <4AF789E0.9020907@sixdemonbag.org> David Shaw wrote: > However, if you managed to generate a 2048-bit key with a 224-bit q > (as earlier versions of GPG did), all versions of GPG would > (correctly) allow the use of SHA-224 with this key. When did this changeover take place, and is there any way to get the old behavior back? From mephisto at fastmail.net Mon Nov 9 04:29:35 2009 
From: mephisto at fastmail.net (Kevin Kammer) Date: Sun, 8 Nov 2009 22:29:35 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> Message-ID: <20091109032935.GA10913@opensolaris.myhome.westell.com> On Sun, Nov 08, 2009 at 09:46:08PM -0500 David Shaw wrote: > > That's not quite how it works. What matters here is how the key was > generated in the first place. > > One of the numbers used to generate a DSA key is known as "q". In DSA, > the size of q is what controls the size of the hash that will be used > with the key. This value is set at key generation time, and cannot be > changed (it's part of the key). It has no strong relationship to the > overall key size, so in theory, you could have a 2048-bit DSA key that > uses a 8-bit hash. Of course, that would make for pretty poor > signatures, so the DSA spec (and OpenPGP spec in turn) give some > guidelines as to what hashes should be used for a given key size. For a > 2048-bit key, you can choose either a 224 or 256 bit q. > > So, let's say you had a 2048-bit key, and the program you used to > generate it chose a 256-bit q size. This key would allow a 256-bit > hash. A 224-bit hash is impossible (too small). If you had a 2048-bit > key and the program you used to generate it chose a 224-bit q size, this > key would then allow a 224-bit hash. A hash larger than 224 bits is > allowable as well, but would be truncated down to 224 bits to fit. > > The problem you are having is that whatever program generated your key > chose a 256-bit q size. That parameter, chosen at key generation time, > not GPG at signing time, is what is preventing you from using SHA-224. > > So the real question here is why did your program generate a DSA key > with a 256-bit q, when a 224-bit q would have been equally acceptable > according to the spec? 
As you say, they are both legal. The answer > there is that while both are legal, a 256-bit q is slightly stronger as > it allows a larger hash to be used. Both PGP and GPG use a 256-bit q for > a 2048-bit key. However, if you managed to generate a 2048-bit key with > a 224-bit q (as earlier versions of GPG did), all versions of GPG would > (correctly) allow the use of SHA-224 with this key. > > David > A perfectly phrased and logical explanation. Thank you for elucidating this matter for me. What I failed to put together is that the size of q must be defined at key generation time, and thereafter is an immutable part of the key. I imagine I may at some point have been using a key generated with an older version of GnuPG, with a 224-bit q, and became accustomed to the permissibility of SHA224. Thanks again for your response, Kevin -- "Le hasard favorise l'esprit préparé." --Louis Pasteur From mephisto at fastmail.net Mon Nov 9 04:34:04 2009
From: mephisto at fastmail.net (Kevin Kammer) Date: Sun, 8 Nov 2009 22:34:04 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: <4AF789E0.9020907@sixdemonbag.org> References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> <4AF789E0.9020907@sixdemonbag.org> Message-ID: <20091109033404.GB10913@opensolaris.myhome.westell.com> On Sun, Nov 08, 2009 at 10:17:52PM -0500 Robert J. Hansen wrote: > David Shaw wrote: > > However, if you managed to generate a 2048-bit key with a 224-bit q > > (as earlier versions of GPG did), all versions of GPG would > > (correctly) allow the use of SHA-224 with this key. > > When did this changeover take place, and is there any way to get the old > behavior back? > Unless there is some inescapable constraint on the size of one's signature, I am hard pressed to think of a reason for using SHA224 when SHA256 is available. However, the question is worth asking if only to sate curiosity. -Kevin From mephisto at fastmail.net Mon Nov 9 04:40:10 2009 From: mephisto at fastmail.net (Kevin Kammer) Date: Sun, 8 Nov 2009 22:40:10 -0500 Subject: I am sure I did not forget my passphrase In-Reply-To: <34a893b70911080724i6b688d4w48fcd58f62e0bc0d@mail.gmail.com> References: <34a893b70911080724i6b688d4w48fcd58f62e0bc0d@mail.gmail.com> Message-ID: <20091109034010.GC10913@opensolaris.myhome.westell.com> On Sun, Nov 08, 2009 at 04:24:01PM +0100 Marko Randjelovic wrote: > > Is there a way to check if secret key info was modified? Check the time/date of the latest self-signature on the key. However, if the key data was unintentionally modified outside of gpg, such as through data corruption, then there is likely no way to recover from it (unless you have a backup stored somewhere). -- "Le hasard favorise l'esprit préparé." --Louis Pasteur From mephisto at fastmail.net Mon Nov 9 04:57:46 2009
From: mephisto at fastmail.net (Kevin Kammer) Date: Sun, 8 Nov 2009 22:57:46 -0500 Subject: Algorithm used to encrypt In-Reply-To: <20091108165237.GA21142@fritha.org> References: <20091108165237.GA21142@fritha.org> Message-ID: <20091109035746.GD10913@opensolaris.myhome.westell.com> On Sun, Nov 08, 2009 at 05:52:37PM +0100 Heinz Diehl wrote: > Hi, > > seems I'm just too stupid today to find what's maybe obvious: > given an ascii armored gpg encrypted file, how can I find out what > algorithm has been used to encrypt the file? > > Thanks, > Heinz. I should preface what I say by indicating that I always use "verbose" mode (set in gpg.conf): When I invoke gpg on a file encrypted with my public key, it displays the public key algorithm used to encrypt the session key before it asks for a passphrase. After I enter the passphrase, the symmetric algorithm is displayed as well. I would infer (perhaps mistakenly) that data identifying the symmetric algo is stored, encrypted, with the session key, and is therefore only accessible after the first phase of the decryption process (i.e. decrypting the session key material using the appropriate private key) is successful. If my inference is correct, then it is possible (in fact, necessary) to be able to ascertain the public key algo on any OpenPGP encrypted document, but it is only possible to determine the symmetric algo if you have access to the appropriate private key. -Kevin -- "Le hasard favorise l'esprit préparé." --Louis Pasteur From rjh at sixdemonbag.org Mon Nov 9 05:11:01 2009
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sun, 08 Nov 2009 23:11:01 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: <20091109033404.GB10913@opensolaris.myhome.westell.com> References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> <4AF789E0.9020907@sixdemonbag.org> <20091109033404.GB10913@opensolaris.myhome.westell.com> Message-ID: <4AF79655.7020302@sixdemonbag.org> Kevin Kammer wrote: > Unless there is some inescapable constraint on the size of one's > signature, I am hard pressed to think of a reason for using SHA224 when > SHA256 is available. Conformance with corporate IT policies. Many corporate IT policies are drafted by people who don't really understand the underlying technologies. They see the NIST drafts and say "ah, 224-bit hashes are to be used with DSA-2048," and proceed to require SHA224 to be used with DSA-2048. From mephisto at fastmail.net Mon Nov 9 05:19:00 2009 
From: mephisto at fastmail.net (Kevin Kammer) Date: Sun, 8 Nov 2009 23:19:00 -0500 Subject: Algorithm used to encrypt In-Reply-To: <20091109035746.GD10913@opensolaris.myhome.westell.com> References: <20091108165237.GA21142@fritha.org> <20091109035746.GD10913@opensolaris.myhome.westell.com> Message-ID: <20091109041900.GE10913@opensolaris.myhome.westell.com> On Sun, Nov 08, 2009 at 10:57:46PM -0500 I wrote: > On Sun, Nov 08, 2009 at 05:52:37PM +0100 Heinz Diehl wrote: > > Hi, > > > > seems I'm just too stupid today to find what's maybe obvious: > > given an ascii armored gpg encrypted file, how can I find out what > > algorithm has been used to encrypt the file? > > > > Thanks, > > Heinz. > > ... I would infer (perhaps mistakenly) that data identifying the > symmetric algo is stored, encrypted, with the session key, and is > therefore only accessible after the first phase of the decryption > process (i.e. decrypting the session key material using the > appropriate private key) is successful. If my inference is correct... > I figured that I owed you a better response than "I guess..." so I looked the following up. It would seem that my guess was on the money. The following is quoted from RFC4880 (OpenPGP Message Format): 5.1. Public-Key Encrypted Session Key Packets (Tag 1) A Public-Key Encrypted Session Key packet holds the session key used to encrypt a message. ... The body of this packet consists of: - A one-octet number giving the version number of the packet type. The currently defined value for packet version is 3. - An eight-octet number that gives the Key ID of the public key to which the session key is encrypted. If the session key is encrypted to a subkey, then the Key ID of this subkey is used here instead of the Key ID of the primary key. - A one-octet number giving the public-key algorithm used. - A string of octets that is the encrypted session key.
This string takes up the remainder of the packet, and its contents are dependent on the public-key algorithm used. Algorithm Specific Fields for RSA encryption - multiprecision integer (MPI) of RSA encrypted value m**e mod n. Algorithm Specific Fields for Elgamal encryption: - MPI of Elgamal (Diffie-Hellman) value g**k mod p. - MPI of Elgamal (Diffie-Hellman) value m * y**k mod p. The value "m" in the above formulas is derived from the session key as follows. First, the session key is prefixed with a one-octet algorithm identifier that specifies the symmetric encryption algorithm used to encrypt the following Symmetrically Encrypted Data Packet... So, it would appear that the symmetric algo is specified as part of the "string of octets that is the encrypted session key," and therefore, being encrypted, is only accessible if you have the means (the correct private key) to decrypt the packet. -Kevin -- "Le hasard favorise l'esprit préparé." --Louis Pasteur From mephisto at fastmail.net Mon Nov 9 05:26:43 2009
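Added example, written for this page rather than taken from the thread or from GnuPG: a small parser for the clear-text fields of the two session-key packet types in RFC 4880, plus the session-key plaintext that only exists after the public-key decryption step. It confirms Kevin's reading for the public-key case (the cipher identifier sits inside the encrypted MPI, so only the key ID and the public-key algorithm are visible) and goes one step further than the thread: for a message made with --symmetric, the Symmetric-Key Encrypted Session Key packet (Tag 3, RFC 4880 section 5.3) carries the cipher identifier in the clear, so there anyone can read it. All packet bytes below are constructed samples, not captured output; only old-format packet headers (RFC 4880 section 4.2.1) are handled, which is what gpg emits for these two tags.

```python
"""Added example (editor's code, not from the thread or GnuPG): which
algorithm identifiers in an OpenPGP encrypted message are readable
without a key.  All packet bytes are constructed samples."""

PK_ALGOS = {1: "RSA", 2: "RSA (encrypt-only)", 3: "RSA (sign-only)",
            16: "Elgamal (encrypt-only)", 17: "DSA"}
SYM_ALGOS = {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "Blowfish",
             7: "AES-128", 8: "AES-192", 9: "AES-256", 10: "Twofish"}


def split_old_format_packet(data):
    """Return (tag, body, rest) for one old-format packet (RFC 4880 4.2.1):
    bit 7 set, bit 6 clear, tag in bits 5..2, length-type in bits 1..0."""
    ptag = data[0]
    if ptag & 0xC0 != 0x80:
        raise ValueError("not an old-format OpenPGP packet")
    tag = (ptag >> 2) & 0x0F
    ltype = ptag & 0x03
    if ltype == 3:
        raise ValueError("indeterminate length not handled here")
    nlen = 1 << ltype                      # 1, 2 or 4 length octets
    length = int.from_bytes(data[1:1 + nlen], "big")
    start = 1 + nlen
    return tag, data[start:start + length], data[start + length:]


def parse_pkesk(body):
    """Tag 1: version, key ID, public-key algorithm, then algorithm-specific
    MPIs.  Nothing here names the symmetric cipher: that octet is inside the
    encrypted MPI(s) and appears only after the private-key operation."""
    version, keyid, pk_algo = body[0], body[1:9].hex().upper(), body[9]
    mpis, pos = [], 10
    while pos < len(body):                 # MPI = 2-octet bit count + octets
        bits = int.from_bytes(body[pos:pos + 2], "big")
        nbytes = (bits + 7) // 8
        mpis.append(body[pos + 2:pos + 2 + nbytes])
        pos += 2 + nbytes
    return {"version": version, "keyid": keyid,
            "pk_algo": PK_ALGOS.get(pk_algo, pk_algo), "mpis": len(mpis)}


def parse_skesk(body):
    """Tag 3 (--symmetric): version 4, symmetric algorithm IN THE CLEAR,
    then the string-to-key specifier (type, hash, salt/count)."""
    version, sym_algo, s2k_type, s2k_hash = body[0], body[1], body[2], body[3]
    return {"version": version, "sym_algo": SYM_ALGOS.get(sym_algo, sym_algo),
            "s2k_type": s2k_type, "s2k_hash_id": s2k_hash}


def checksum_ok(m):
    """RFC 4880 5.1: the last two octets are the sum of the key octets mod 65536."""
    return sum(m[1:-2]) % 65536 == int.from_bytes(m[-2:], "big")


def parse_session_key_plaintext(m):
    """The decrypted 'm': one algorithm octet, the session key, a two-octet checksum."""
    if not checksum_ok(m):
        raise ValueError("session key checksum mismatch")
    return SYM_ALGOS.get(m[0], m[0]), m[1:-2]


# Constructed Tag 1 packet: v3, key ID 0123456789ABCDEF, RSA, one 2048-bit MPI
# whose value is filler.  The header 85 01 0C (old format, tag 1, two-octet
# length 268) is what a 2048-bit RSA recipient produces.
FAKE_MPI = b"\x08\x00" + b"\xC3" + bytes(255)
PKESK_BODY = b"\x03" + bytes.fromhex("0123456789ABCDEF") + b"\x01" + FAKE_MPI
PKESK_PACKET = b"\x85" + len(PKESK_BODY).to_bytes(2, "big") + PKESK_BODY

# Constructed Tag 3 packet: v4, AES-256 (9), iterated+salted S2K (3), SHA-256 (8),
# 8 salt octets, one count octet.  The cipher is visible without any key.
SKESK_BODY = b"\x04\x09\x03\x08" + bytes(range(8)) + b"\x60"
SKESK_PACKET = b"\x8C" + bytes([len(SKESK_BODY)]) + SKESK_BODY

# What the recipient sees after RSA-decrypting the MPI: cipher octet, key, checksum.
SESSION_KEY = bytes(range(32))
SESSION_KEY_PLAINTEXT = (b"\x09" + SESSION_KEY
                         + (sum(SESSION_KEY) % 65536).to_bytes(2, "big"))

if __name__ == "__main__":
    tag, body, _ = split_old_format_packet(PKESK_PACKET)
    print("tag", tag, parse_pkesk(body))          # no symmetric algorithm shown
    tag, body, _ = split_old_format_packet(SKESK_PACKET)
    print("tag", tag, parse_skesk(body))          # symmetric algorithm shown
    print("after decryption:", parse_session_key_plaintext(SESSION_KEY_PLAINTEXT)[0])
```

gpg --list-packets prints the same clear-text fields (key ID and public-key algorithm for Tag 1, the cipher and S2K parameters for Tag 3); the checksum test in parse_session_key_plaintext is the two-octet sum RFC 4880 section 5.1 appends to the session key, which is also what lets a decryptor notice a wrong private key before it reaches the symmetric stage.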
From: mephisto at fastmail.net (Kevin Kammer) Date: Sun, 8 Nov 2009 23:26:43 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: <4AF79655.7020302@sixdemonbag.org> References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> <4AF789E0.9020907@sixdemonbag.org> <20091109033404.GB10913@opensolaris.myhome.westell.com> <4AF79655.7020302@sixdemonbag.org> Message-ID: <20091109042643.GF10913@opensolaris.myhome.westell.com> On Sun, Nov 08, 2009 at 11:11:01PM -0500 Also sprach Robert J. Hansen: > Kevin Kammer wrote: > > Unless there is some inescapable constraint on the size of one's > > signature, I am hard pressed to think of a reason for using SHA224 when > > SHA256 is available. > > Conformance with corporate IT policies. Many corporate IT policies are > drafted by people who don't really understand the underlying > technologies. They see the NIST drafts and say "ah, 224-bit hashes are > to be used with DSA-2048," and proceed to require SHA224 to be used with > DSA-2048. > Ah yes... corporate policy. How could I forget? Having deployed PKI while I was in the military, I can certainly sympathise with you regarding a large organization rigorously adhering to policy, regardless of how much or little sense it makes. The bright side is, the same documents which say SHA224 can be used with DSA-2048 also permit SHA256. If anyone sets policy based on, say, FIPS186, you can always cite that part. -Kevin -- "Le hasard favorise l'esprit préparé." --Louis Pasteur From dshaw at jabberwocky.com Mon Nov 9 05:45:43 2009
From: dshaw at jabberwocky.com (David Shaw) Date: Sun, 8 Nov 2009 23:45:43 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: <4AF79655.7020302@sixdemonbag.org> References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> <4AF789E0.9020907@sixdemonbag.org> <20091109033404.GB10913@opensolaris.myhome.westell.com> <4AF79655.7020302@sixdemonbag.org> Message-ID: <085198BB-672D-4D4B-A9AF-099E505585C3@jabberwocky.com> On Nov 8, 2009, at 11:11 PM, Robert J. Hansen wrote: > Kevin Kammer wrote: >> Unless there is some inescapable constraint on the size of one's >> signature, I am hard pressed to think of a reason for using SHA224 >> when >> SHA256 is available. > > Conformance with corporate IT policies. Many corporate IT policies > are > drafted by people who don't really understand the underlying > technologies. They see the NIST drafts and say "ah, 224-bit hashes > are > to be used with DSA-2048," and proceed to require SHA224 to be used > with > DSA-2048. NIST, along with RFC-4880, says that you can use either 224-bit or 256- bit hashes with DSA-2048. David From hedgehogshiatus at gmail.com Mon Nov 9 07:21:17 2009 
From: hedgehogshiatus at gmail.com (Hedge Hog) Date: Mon, 9 Nov 2009 17:21:17 +1100 Subject: gpg-error.h possible(?) syntax error: #define GPG_ERR_SYSTEM_ERROR (1 << 15) In-Reply-To: <87my30pwl0.fsf@vigenere.g10code.de> References: <143041db0911010204k60ca4b7cn214dc03447f09c8c@mail.gmail.com> <87my30pwl0.fsf@vigenere.g10code.de> Message-ID: <143041db0911082221q5bfdced6te65006ee23763e4@mail.gmail.com> On Fri, Nov 6, 2009 at 7:04 AM, Werner Koch wrote: > On Sun, 1 Nov 2009 11:04, hedgehogshiatus at gmail.com said: > >> It is not clear to me if this is a problem with gpg-error.h or swig. > > The same code with some context: > > typedef enum > { > GPG_ERR_NO_ERROR = 0, > GPG_ERR_GENERAL = 1, > [...] > GPG_ERR_EOF = 16383, > > /* The following error codes are used to map system errors. */ > #define GPG_ERR_SYSTEM_ERROR (1 << 15) > GPG_ERR_E2BIG = GPG_ERR_SYSTEM_ERROR | 0, > GPG_ERR_EACCES = GPG_ERR_SYSTEM_ERROR | 1, > [...] > /* This is one more than the largest allowed entry. */ > GPG_ERR_CODE_DIM = 65536 > } gpg_err_code_t; > > Swig seems to tumble over the #define preprocessor directive within a > typedef for an enum. That is clearly a swig problem. > > To fix this you may run (a working) cpp over gpg-error.h and passing its > output to swig. ("cpp gpg-error.h >gpg-error.i") > Thank-you for the suggestion. Unfortunately cpp produced some code that `swig -ruby` choked on. A workaround was to generate xml output from `swig -c++` and process this xml file. Thanks again > > Shalom-Salam, > > Werner > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > > -- πόλλ' οἶδ' ἀλώπηξ, ἀλλ' ἐχῖνος ἓν μέγα [The fox knows many things, but the hedgehog knows one big thing.] Archilochus, Greek poet (c. 680 BC – c. 645 BC) http://wiki.hedgehogshiatus.com From yumengcool at gmail.com Mon Nov 9 10:14:37 2009
From: yumengcool at gmail.com (Rui Hu) Date: Mon, 9 Nov 2009 17:14:37 +0800 Subject: code page problem with gpg 4 win Message-ID: Hi, all I use gpg version 1.4.10 for Windows; my native language is Chinese, and I want to generate a key pair with a Chinese real name (UID). But when I type Chinese characters in the console, gpg fails to handle the Chinese characters. I have used the following commands to generate the key pair: gpg --display-charset utf-8 --gen-key gpg --utf8-strings --gen-key gpg --display-charset GBK --gen-key All of them failed. I searched the mailing list for this problem and found the following URL: http://lists.gnupg.org/pipermail/gnupg-i18n/2003-March/000202.html It gives a solution for Russian, but what can I do in my case? BTW: I can generate a key pair with a Chinese-character UID using the Gpg4win GUI, and the console in my OS uses code page 936, which is GBK. Of course, when I type the following command, the Chinese-character UID is displayed well: gpg --list-keys Thanks for every reply. -- regards Ray From wk at gnupg.org Mon Nov 9 11:39:27 2009 From: wk at gnupg.org (Werner Koch) Date: Mon, 09 Nov 2009 11:39:27 +0100 Subject: Finding key ID of a keypair In-Reply-To: <200911090019.33301.dion@thinkmoult.com> (Dion Moult's message of "Mon, 9 Nov 2009 00:19:22 +0800") References: <200911090019.33301.dion@thinkmoult.com> Message-ID: <87tyx4x9r4.fsf@vigenere.g10code.de> On Sun, 8 Nov 2009 17:19, dion at thinkmoult.com said: > I've got myself a DSA keypair, just two files - one being the public key and > the other being the private. I'm trying to find out the ID of that keypair. A mere gpg OURFILE will do Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Mon Nov 9 11:43:56 2009
From: wk at gnupg.org (Werner Koch) Date: Mon, 09 Nov 2009 11:43:56 +0100 Subject: HELP - IMPORTANT - Signature check with libgpgme-11.dll In-Reply-To: <35932AA3CBC336449141A46A9F0FAF3D2FD86A@BARNEY.sevencs.net> (Knud Pehrs's message of "Fri, 6 Nov 2009 13:51:28 +0100") References: <35932AA3CBC336449141A46A9F0FAF3D2FD86A@BARNEY.sevencs.net> Message-ID: <87pr7sx9jn.fsf@vigenere.g10code.de> On Fri, 6 Nov 2009 13:51, ph at sevencs.com said: > I need some help as soon as possible! If you are in that urgent need of help you may want to check with a commercial support company or a freelancer. The GnuPG service directory at http://www.gnupg.org/service.html may be helpful. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Mon Nov 9 11:52:48 2009
From: wk at gnupg.org (Werner Koch) Date: Mon, 09 Nov 2009 11:52:48 +0100 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: <4AF789E0.9020907@sixdemonbag.org> (Robert J. Hansen's message of "Sun, 08 Nov 2009 22:17:52 -0500") References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> <4AF789E0.9020907@sixdemonbag.org> Message-ID: <87ljigx94u.fsf@vigenere.g10code.de> On Mon, 9 Nov 2009 04:17, rjh at sixdemonbag.org said: > When did this changeover take place, and is there any way to get the old > behavior back? On 2009-07-09; that is since 1.4.10 / 2.0.13. There is no option to change it back. The code in g10/keygen.c reads: /* Figure out a q size based on the key size. FIPS 180-3 says: L = 1024, N = 160 L = 2048, N = 224 L = 2048, N = 256 L = 3072, N = 256 2048/256 is an odd pair since there is also a 2048/224 and 3072/256. Matching sizes is not a very exact science. We'll do 256 qbits for nbits over 2047, 224 for nbits over 1024 but less than 2048, and 160 for 1024 (DSA1). */ if(nbits>2047) qbits=256; else if(nbits>1024) qbits=224; else qbits=160; Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dion at thinkmoult.com Mon Nov 9 13:08:22 2009 
From: dion at thinkmoult.com (Dion Moult) Date: Mon, 9 Nov 2009 20:08:22 +0800 Subject: Finding key ID of a keypair In-Reply-To: <87tyx4x9r4.fsf@vigenere.g10code.de> References: <200911090019.33301.dion@thinkmoult.com> <87tyx4x9r4.fsf@vigenere.g10code.de> Message-ID: <200911092008.38143.dion@thinkmoult.com> On Monday 09 November 2009 18:39:27 Werner Koch wrote: > On Sun, 8 Nov 2009 17:19, dion at thinkmoult.com said: > > I've got myself a DSA keypair, just two files - one being the public key > > and the other being the private. I'm trying to find out the ID of that > > keypair. > > A mere > > gpg OURFILE > > will do > > > Salam-Shalom, > > Werner > Unfortunately it didn't seem to do anything: localhost ~/.ssh # gpg myfile.key gpg: no valid OpenPGP data found. gpg: processing message failed: Unknown system error localhost ~/.ssh # gpg myfile.pub gpg: no valid OpenPGP data found. gpg: processing message failed: Unknown system error Where myfile.key is the file containing the private key and myfile.pub is the file containing the public key. -- Dion Moult :-) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From jmcneal at fh-eberswalde.de Mon Nov 9 12:53:31 2009 
From: jmcneal at fh-eberswalde.de (McNeal, John) Date: Mon, 9 Nov 2009 12:53:31 +0100 Subject: problems with gnupg2 and passphrase Message-ID: <0814D27AF2D2DB46A49FAACD15F82C361B9275EAA0@exchange2007.fh-eberswalde.de> Hi, I'm using GnuPG 2.0.12 (GPG4Win) and have problems decrypting multiple files with the same passphrase via the command prompt. My old GnuPG Version 1.x.x command was gpg2.exe --allow-multiple-messages --passphrase geheim --decrypt-files C:\Test\*.gpg The command doesn't work anymore and I'm getting a popup window for entering my passphrase. I'm looking for a command that decrypts multiple files with the same passphrase without any additional "ask windows". I already searched the manual but didn't find any helpful information. Thanks for any help. -- John From mephisto at fastmail.net Mon Nov 9 14:20:01 2009
From: mephisto at fastmail.net (Kevin Kammer) Date: Mon, 9 Nov 2009 08:20:01 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: <87ljigx94u.fsf@vigenere.g10code.de> References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> <4AF789E0.9020907@sixdemonbag.org> <87ljigx94u.fsf@vigenere.g10code.de> Message-ID: <20091109132000.GA4910@macbookpro.myhome.westell.com> On Mon, Nov 09, 2009 at 11:52:48AM +0100 Also sprach Werner Koch: > On Mon, 9 Nov 2009 04:17, rjh at sixdemonbag.org said: > > > When did this changeover take place, and is there any way to get the old > > behavior back? > > On 2009-07-09; that is since 1.4.10 / 2.0.13. There is no option to > change it back. The code in g10/keygen.c reads: > > /* > Figure out a q size based on the key size. FIPS 180-3 says: > > L = 1024, N = 160 > L = 2048, N = 224 > L = 2048, N = 256 > L = 3072, N = 256 > > 2048/256 is an odd pair since there is also a 2048/224 and > 3072/256. Matching sizes is not a very exact science. > > We'll do 256 qbits for nbits over 2047, 224 for nbits over 1024 > but less than 2048, and 160 for 1024 (DSA1). > */ > > if(nbits>2047) > qbits=256; > else if(nbits>1024) > qbits=224; > else > qbits=160; > I imagine it would not be terribly difficult to rewrite keygen.c to offer the option of qbits=224 for nbits==2048, offered at key generation time (likely with the --expert flag set), but it would be a non-trivial change for a very questionable benefit. -Kevin -- "Le hasard favorise l'esprit préparé." --Louis Pasteur From wk at gnupg.org Mon Nov 9 15:37:46 2009
From: wk at gnupg.org (Werner Koch) Date: Mon, 09 Nov 2009 15:37:46 +0100 Subject: Finding key ID of a keypair In-Reply-To: <200911092008.38143.dion@thinkmoult.com> (Dion Moult's message of "Mon, 9 Nov 2009 20:08:22 +0800") References: <200911090019.33301.dion@thinkmoult.com> <87tyx4x9r4.fsf@vigenere.g10code.de> <200911092008.38143.dion@thinkmoult.com> Message-ID: <87ljifwypx.fsf@vigenere.g10code.de> On Mon, 9 Nov 2009 13:08, dion at thinkmoult.com said: > localhost ~/.ssh # gpg myfile.key > gpg: no valid OpenPGP data found. > gpg: processing message failed: Unknown system error Probably not an OpenPGP key. You may try gpg --list-packets myfile.key to dump the packets, but this is unlikely to show something else than running just gpg on the file. Check that the file is a proper OpenPGP file and has been downloaded correctly. Often FTP is not used correctly and breaks binary files. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Mon Nov 9 15:25:16 2009
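Added example, not from the thread or from GnuPG: how the key ID Dion is after is derived once a file really is an OpenPGP key. RFC 4880 section 12.2 defines the v4 fingerprint as SHA-1 over the octet 0x99, the two-octet length of the Public-Key packet body, and the body itself; the 64-bit key ID that gpg prints is the low-order 64 bits of that fingerprint. The packet body here is assembled from constructed filler values rather than a real DSA key, because the framing, not the arithmetic, is the point; a real exported key would first need its packet header stripped to obtain the body.

```python
"""Added example (editor's code, not from the thread or GnuPG): the v4
fingerprint and 64-bit key ID of an OpenPGP public key, RFC 4880 12.2.
Key material below is constructed filler, not a usable DSA key."""
import hashlib
import struct


def mpi(value):
    """Encode an integer as an OpenPGP MPI: two-octet bit length, then the
    big-endian magnitude with no leading zero octets (RFC 4880 3.2)."""
    nbytes = (value.bit_length() + 7) // 8
    return struct.pack(">H", value.bit_length()) + value.to_bytes(nbytes, "big")


def v4_public_key_body(created, algo, *key_ints):
    """Body of a version 4 Public-Key packet (Tag 6): version octet, 4-octet
    creation time, algorithm octet, then the algorithm's MPIs in order
    (p, q, g, y for DSA; n, e for RSA)."""
    return (b"\x04" + struct.pack(">I", created) + bytes([algo])
            + b"".join(mpi(v) for v in key_ints))


def v4_fingerprint(body):
    """SHA-1 over 0x99, the two-octet body length, and the body."""
    framed = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(framed).hexdigest().upper()


def key_id(fingerprint):
    """The 64-bit key ID is the low-order 64 bits: the last 16 hex digits."""
    return fingerprint[-16:]


# Constructed sample: DSA (algorithm 17), creation time 2009-11-08, and four
# small filler integers standing in for p, q, g, y.
SAMPLE_BODY = v4_public_key_body(0x4AF5F6C0, 17, 0xC1F3, 0x1B, 0x07, 0x9A2D)

if __name__ == "__main__":
    fpr = v4_fingerprint(SAMPLE_BODY)
    print("fingerprint:", " ".join(fpr[i:i + 4] for i in range(0, 40, 4)))
    print("key ID:     ", key_id(fpr))
```

The same framing is used for both the primary key and each subkey (a subkey's fingerprint is computed over its own Public-Subkey packet body), which is why a subkey ID such as the one in the SHA-224 thread differs from the primary key ID on the same certificate.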
From: wk at gnupg.org (Werner Koch) Date: Mon, 09 Nov 2009 14:25:16 -0000 Subject: problems with gnupg2 and passphrase In-Reply-To: <0814D27AF2D2DB46A49FAACD15F82C361B9275EAA0@exchange2007.fh-eberswalde.de> (John McNeal's message of "Mon, 9 Nov 2009 12:53:31 +0100") References: <0814D27AF2D2DB46A49FAACD15F82C361B9275EAA0@exchange2007.fh-eberswalde.de> Message-ID: On Mon, 9 Nov 2009 12:53, jmcneal at fh-eberswalde.de said: > I'm using GnuPG 2.0.12 (GPG4Win) and have problems in decrypting multiple files with the same passphrase via command prompt. My old GnuPG Version 1.x.x command was > > gpg2.exe --allow-multiple-messages --passphrase geheim --decrypt-files C:\Test\*.gpg First of all you should not use --allow-multiple-messages: @item --allow-multiple-messages @item --no-allow-multiple-messages Allow processing of multiple OpenPGP messages contained in a single file or stream. Some programs that call GPG are not prepared to deal with multiple messages being processed together, so this option defaults to no. Note that versions of GPG prior to 1.4.7 always allowed multiple messages. Warning: Do not use this option unless you need it as a temporary workaround! > The command doesn't work anymore and I'm getting a popup window for > entering my passphrase. I'm looking for a command that decrypts > multiple files with the same passphrase without any additional "ask > windows". I already searched the manual but didn't find any helpful gpg2 requires the gpg-agent to handle the secret keys. The gpg-agent also caches passphrases, thus you need to enter them only once. Install gpg-agent properly so that gpg2 does not fall back to starting gpg-agent for each operation, which prevents the caching. If you don't want a pinentry popup at all, you may seed the gpg-agent cache with passphrases.
See gpg-preset-passphrase for more info: SYNOPSIS gpg-preset-passphrase [options] [command] keygrip DESCRIPTION The gpg-preset-passphrase is a utility to seed the internal cache of a running gpg-agent with passphrases. It is mainly useful for unattended machines, where the usual pinentry tool may not be used and the passphrases for the to be used keys are given at machine startup. Passphrases set with this utility don't expire unless the --forget option is used to explicitly clear them from the cache --- or gpg-agent is either restarted or reloaded (by sending a SIGHUP to it). It is necessary to allow this passphrase presetting by starting gpg-agent with the --allow-preset-passphrase. gpg-preset-passphrase is invoked this way: gpg-preset-passphrase [options] [command] keygrip keygrip is a 40 character string of hexadecimal characters identifying the key for which the passphrase should be set or cleared. This keygrip is listed along with the key when running the command: gpgsm --dump-secret-keys. One of the following command options must be given: --preset Preset a passphrase. This is what you usually will use. gpg-preset-passphrase will then read the passphrase from stdin. [...] Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dshaw at jabberwocky.com Mon Nov 9 15:53:45 2009 
From: dshaw at jabberwocky.com (David Shaw) Date: Mon, 9 Nov 2009 09:53:45 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: <20091109132000.GA4910@macbookpro.myhome.westell.com> References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> <4AF789E0.9020907@sixdemonbag.org> <87ljigx94u.fsf@vigenere.g10code.de> <20091109132000.GA4910@macbookpro.myhome.westell.com> Message-ID: On Nov 9, 2009, at 8:20 AM, Kevin Kammer wrote: > On Mon, Nov 09, 2009 at 11:52:48AM +0100 Also sprach Werner Koch: >> On Mon, 9 Nov 2009 04:17, rjh at sixdemonbag.org said: >> >>> When did this changeover take place, and is there any way to get >>> the old >>> behavior back? >> >> On 2009-07-09; that is since 1.4.10 / 2.0.13. There is no option to >> change it back. The code in g10/keygen.c reads: >> >> /* >> Figure out a q size based on the key size. FIPS 180-3 says: >> >> L = 1024, N = 160 >> L = 2048, N = 224 >> L = 2048, N = 256 >> L = 3072, N = 256 >> >> 2048/256 is an odd pair since there is also a 2048/224 and >> 3072/256. Matching sizes is not a very exact science. >> >> We'll do 256 qbits for nbits over 2047, 224 for nbits over 1024 >> but less than 2048, and 160 for 1024 (DSA1). >> */ >> >> if(nbits>2047) >> qbits=256; >> else if(nbits>1024) >> qbits=224; >> else >> qbits=160; >> > > I imagine it would not be terribly difficult to rewrite keygen.c to > offer the option of qbits=224 for nbits==2048, offered at key > generation > time (likely with the --expert flag set), but it would be a non- > trivial > change for a very questionable benefit. Very questionable, indeed. There are a number of places where the various standards that comprise OpenPGP, and the OpenPGP standard itself, give the implementor leeway to pick path A or B. 
Each additional line of code to implement changes to accommodate stuff like this adds testing time, adds potential for bugs, and takes away time from more useful things. IT department rules don't always make sense, but you can't make a product like GPG in constant fear that some hypothetical IT department will take offense at some particular obscure detail in it (a detail, again, that is correct as per the DSS and OpenPGP specs). If that IT department became non-hypothetical, it might be worth looking at. In any event, that hypothetical IT department will find it rather hard to use OpenPGP at all - offhand, I can't think of any current OpenPGP product that supports DSA over 1024 bits that doesn't use a 256-bit q for a 2048-bit key. David From rjh at sixdemonbag.org Mon Nov 9 16:09:56 2009 
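As an added illustration of the q-size rule quoted above (example code written for this note, not from GnuPG): it mirrors the keygen.c selection, lists the hashes wide enough for a given DSA size, and applies the digest truncation a signer uses when the hash is wider than q. The rule that the digest must be at least q bits wide is the FIPS 186-3 / RFC 4880 requirement; the function names and the hash table are mine.

```python
"""Added example (not GnuPG code): the DSA q-size rule from g10/keygen.c and
its consequence for hash selection, the reason gpg rejects SHA224 with DSA-2048."""
import hashlib

# Digest widths in bits of the hashes a 2009-era gpg lists under "Hash:".
HASH_BITS = {
    "MD5": 128, "SHA1": 160, "RIPEMD160": 160, "SHA224": 224,
    "SHA256": 256, "SHA384": 384, "SHA512": 512,
}


def dsa_qbits(nbits: int) -> int:
    """Mirror of the selection gpg >= 1.4.10 / 2.0.13 makes at key generation."""
    if nbits > 2047:
        return 256
    if nbits > 1024:
        return 224
    return 160


def usable_hashes(nbits: int) -> list:
    """Hashes whose digest is at least q bits wide.  RFC 4880 requires this for
    DSA, since the signer uses the leftmost q bits of the digest."""
    q = dsa_qbits(nbits)
    return [name for name, bits in HASH_BITS.items() if bits >= q]


def dsa_hash_value(nbits: int, hash_name: str, data: bytes) -> int:
    """The integer fed into the DSA signing equation for `data`: the leftmost
    q bits of the digest (FIPS 186-3 truncation).  Raises ValueError when the
    digest is narrower than q, which is the rejection this thread is about."""
    q = dsa_qbits(nbits)
    bits = HASH_BITS[hash_name]
    if bits < q:
        raise ValueError(
            f"{hash_name} is {bits} bits; DSA-{nbits} uses q = {q} bits "
            f"and needs one of {usable_hashes(nbits)}")
    digest = hashlib.new(hash_name.lower(), data).digest()
    return int.from_bytes(digest[: q // 8], "big")


if __name__ == "__main__":
    for nbits in (1024, 1536, 2048, 3072):
        print(f"DSA-{nbits}: q = {dsa_qbits(nbits)} bits, hashes: {usable_hashes(nbits)}")
    try:
        dsa_hash_value(2048, "SHA224", b"constructed sample message")
    except ValueError as err:
        print("rejected:", err)
```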
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 09 Nov 2009 10:09:56 -0500 Subject: gpg rejects SHA224 with DSA-2048 In-Reply-To: References: <20091108004801.GA27985@opensolaris.myhome.westell.com> <4AF63087.1080602@sixdemonbag.org> <20091108032412.GA6188@opensolaris.myhome.westell.com> <4AF789E0.9020907@sixdemonbag.org> <87ljigx94u.fsf@vigenere.g10code.de> <20091109132000.GA4910@macbookpro.myhome.westell.com> Message-ID: <4AF830C4.5070400@sixdemonbag.org> David Shaw wrote: > IT department rules don't always make sense, > but you can't make a product like GPG in constant fear that some > hypothetical IT department will take offense at some particular obscure > detail in it (a detail, again, that is correct as per the DSS and > OpenPGP specs). If that IT department became non-hypothetical, it might > be worth looking at. I agree with you about the need to make policy decisions, which is why I wasn't asking for an option to be added or for the change to be reverted. Saying when the change was made and how to revert it is enough for me -- if it becomes important to someone, the knowledge is out there waiting for a Google search. Thanks, Werner, for the code extract. I appreciate it. :) From tmz at pobox.com Mon Nov 9 15:50:14 2009 
From: tmz at pobox.com (Todd Zullinger) Date: Mon, 9 Nov 2009 09:50:14 -0500 Subject: Finding key ID of a keypair In-Reply-To: <200911090019.33301.dion@thinkmoult.com> References: <200911090019.33301.dion@thinkmoult.com> Message-ID: <20091109145014.GE31109@inocybe.localdomain>

Dion Moult wrote:
> It's passphraseless, it's DSA, and that's pretty much all I know. I
> made it quite a long time ago, perhaps through ssh-keygen.

If you created the key with ssh-keygen, then it's an SSH key, not an OpenPGP key. The two systems, ssh and gpg, do not use the same key formats. For an ssh key, you can print out the key's fingerprint using

    ssh-keygen -l -f /path/to/key

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
The only difference between a rut and a grave is the depth.

From David.Gray at turpin-distribution.com Mon Nov 9 16:55:15 2009
From: David.Gray at turpin-distribution.com (David Gray) Date: Mon, 9 Nov 2009 15:55:15 -0000 Subject: No secret key under different account In-Reply-To: <4AEECA4D.9050801@Mozilla-Enigmail.org> References: <33CE89420E3A834A82E48C2C747A706102923A60@HERMES.turpin-bg.local> <33CE89420E3A834A82E48C2C747A706102923A63@HERMES.turpin-bg.local> <4AEB5A36.9030302@Mozilla-Enigmail.org> <33CE89420E3A834A82E48C2C747A706102923A68@HERMES.turpin-bg.local> <4AEECA4D.9050801@Mozilla-Enigmail.org> Message-ID: <33CE89420E3A834A82E48C2C747A706102923AA3@HERMES.turpin-bg.local>

Hi,

Thanks for the info & detailed response. I'm going to go with option C as you suggest. Must admit I hadn't realised that .MAN pages are the docs.

Cheers
Dave

-----Original Message----- 
From: John Clizbe [mailto:John at Mozilla-Enigmail.org]
Sent: 02 November 2009 12:02
To: GnuPG Users
Cc: David Gray
Subject: Re: No secret key under different account

David Gray wrote:
>
> What are people's thoughts on which is the best option:
>
> a) copy the secring.gpg & pubring.gpg files to the second user account?
> b) export and import the keys to the second user account?
> c) add a reference to the second account's gpg.conf file?

it depends on what you are trying to accomplish. Any of the above may be the best option for a given set of requirements. If I wish to use my keys on a new machine, option a or redirecting gpg.conf to keyrings (& trustdb) on portable media is probably the route I'd take. If I wanted to share a central keyring of, for example, customer keys, I'd probably go with option c.

> Also could anyone please give me an example of the syntax for adding
> keyring references to gpg.conf?

    no-default-keyring
    primary-keyring pubring.gpg
    keyring O:\GnuPG\pubring.gpg
    keyring strong.gpg
    keyring trusted.gpg
    secret-keyring secring.gpg
    secret-keyring O:\GnuPG\secring.gpg

These should be explained in gpg2.man which should be in the share\gnupg directory under gpg2's installation directory, default on Windows: C:\Program Files\GNU\GnuPG2\share\gnupg\gpg2.man. It can be read with Notepad.

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net
or mailto:pgp-public-keys at gingerbear.net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From mortenkjarulff at gmail.com Wed Nov 11 13:13:33 2009 
From: mortenkjarulff at gmail.com (=?ISO-8859-1?Q?Morten_Kj=E6rulff?=) Date: Wed, 11 Nov 2009 13:13:33 +0100 Subject: Is it safe to put an encrypted file on a public web server Message-ID:

Hi,

I am new here, so sorry if I ask stupid questions.

I would like to use my unused storage on various web servers for backup of my personal data, including the file with all my passwords.

Q1) Assume that I make a good passphrase, would it then be safe to encrypt my backup with "gpg --symmetric ...", and put the backup where anyone can get it?

The man page for --symmetric says: "... The default symmetric cipher used is CAST5, but may be chosen with the --cipher-algo option. ...". "gpg --version" says:

    Home: ~/.gnupg
    Supported algorithms:
    Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
    Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
    Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
    Compression: Uncompressed, ZIP, ZLIB, BZIP2

Q2) Why would I use another cipher?

Q3) Are some ciphers stronger than others? If so, which is the best for my purpose? (is it purpose dependent which is best?)

Cheers,
Morten

From dshaw at jabberwocky.com Wed Nov 11 15:01:09 2009 
From: dshaw at jabberwocky.com (David Shaw) Date: Wed, 11 Nov 2009 09:01:09 -0500 Subject: Is it safe to put an encrypted file on a public web server In-Reply-To: References: Message-ID: <45313CB9-C168-46EC-8B03-5A9A1CC766C3@jabberwocky.com>

On Nov 11, 2009, at 7:13 AM, Morten Kjærulff wrote:

> Hi,
>
> I am new here, so sorry if I ask stupid questions.
>
> I would like to use my unused storage on various web servers for
> backup of my personal data, including the file with all my passwords.
>
> Q1) Assume that I make a good passphrase, would it then be safe to
> encrypt my backup with "gpg --symmetric ...", and put the backup where
> anyone can get it?

Yes, it is safe, but keep in mind that this rests the complete protection of the data on the passphrase (i.e. it had better be a good one, since an attacker can download your encrypted backup and spend all the time they like trying to find the passphrase).

Generally, people don't put their encrypted files in a public place. This aids in protecting the data since if the attacker can't get the file at all, they can't even try to attack the passphrase. It's a defense in depth.

So basically safe, but perhaps inadvisable.

> man page for --symmetric say: "... The default symmetric cipher
> used is CAST5, but may be chosen with the --cipher-algo option.
> ...". "gpg --version" says:
>
> Home: ~/.gnupg
> Supported algorithms:
> Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
> Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
> Compression: Uncompressed, ZIP, ZLIB, BZIP2
>
> Q2) Why would I use another cipher?

Personal taste, local business or other policy, legal requirements (some industries in some countries have to use particular ciphers), etc.

> Q3) Are some ciphers stronger than others? If so, which is the best
> for my purpose? (is it purpose dependent which is best?)
Yes, some are stronger than others, but it's hard to say which is best without knowing exactly what you want. For example, 3DES is the oldest (and by far the slowest) cipher in GPG's list, but if you want the cipher that has withstood attack for the longest period of time, that's your choice. If you want the one that has had the most recent study, that's probably AES. If you want to be compatible with really old versions of PGP (not GPG), you want IDEA (not in your list above). And so on. AES256 is probably the best all-round choice in GPG if you want to just say "strongest" and leave it at that (it is also the default cipher for new keys), but note that unless your situation is unusual, any of the ciphers in GPG is likely stronger than they need to be. David From gerry.lowry at abilitybusinesscomputerservices.com Wed Nov 11 15:23:13 2009 
From: gerry.lowry at abilitybusinesscomputerservices.com (gerry_lowry (alliston ontario canada (705) 250-0112)) Date: Wed, 11 Nov 2009 09:23:13 -0500 Subject: Is it safe to put an encrypted file on a public web server References: Message-ID:

(a) assume nothing is safe
(b) assume that if your information is not valuable to national security agencies or organized crime, it is in less danger of probing and poking.
(c) if someone takes your car, it is likely obvious; if someone copies your data, you may never know
(d) if someone copies your data and then deletes it and holds the copied data for ransom, you are scr**d if you do not have local backup.
(e) shared host ISPs may not back up your data; if their server hard disk(s) fail, you may be scr**d if you do not have local backup.
(f) decryption may fail ... so encrypt only those files you want to hide from prying eyes.
(g) decompression may fail ... so compress only those files for which you have local backup.
(h) one of my mantras: you can NEVER have TOO MUCH backup.

Regards,
Gerry (Lowry)

-------------------------------------------------------------------------------
Never miss an appointment ~~ apprem.com ~~ https://www.apprem.com
-------------------------------------------------------------------------------
Gerry Lowry, Principal
Ability Business Computer Services ~~ Because it's your Business, our Experience Counts!
68 John W. Taylor Avenue
Alliston, Ontario, Canada L9R 0E1, 705.250.0112
gerry.lowry at abilitybusinesscomputerservices.com
http://abilitybusinesscomputerservices.com

From mephisto at fastmail.net Wed Nov 11 16:49:55 2009 
From: mephisto at fastmail.net (Kevin Kammer) Date: Wed, 11 Nov 2009 10:49:55 -0500 Subject: Is it safe to put an encrypted file on a public web server In-Reply-To: <45313CB9-C168-46EC-8B03-5A9A1CC766C3@jabberwocky.com> References: <45313CB9-C168-46EC-8B03-5A9A1CC766C3@jabberwocky.com> Message-ID: <20091111154955.GB14001@opensolaris.myhome.westell.com>

On Wed, Nov 11, 2009 at 09:01:09AM -0500 Also sprach David Shaw:
> AES256 is probably the best all-round choice in GPG if you want to
> just say "strongest" and leave it at that

AES 192 or AES 128 may actually be a more secure choice than AES 256, until they work out the following:

http://www.schneier.com/crypto-gram-0908.html#8

That having been said, unless a major corporation or intelligence agency is interested in your data, the relative "strength" of one of these ciphers over another is mostly academic. Almost nobody would bother trying to use sophisticated cryptanalytic attacks, because there are so many avenues of attack that are much easier, cheaper, and still very effective.

E.G. is your computer physically guarded 24/7? If not, how do you know someone hasn't put a keylogger on it? Hey--it's easier than a related-key attack with 2^117 complexity.

-Kevin

-- 
"Chance favors the prepared mind."
                      --Louis Pasteur

From dion at thinkmoult.com Wed Nov 11 17:00:47 2009 
From: dion at thinkmoult.com (Dion Moult) Date: Thu, 12 Nov 2009 00:00:47 +0800 Subject: Is it safe to put an encrypted file on a public web server In-Reply-To: References: Message-ID: <200911120000.52416.dion@thinkmoult.com>

Hello, I would recommend putting it below the document root of the webserver for added security - you really don't want crawlers easily discovering it.

On Wednesday 11 November 2009 20:13:33 Morten Kjærulff wrote:
> Hi,
>
> I am new here, so sorry if I ask stupid questions.
>
> I would like to use my unused storage on various web servers for
> backup of my personal data, including the file with all my passwords.
>
> Q1) Assume that I make a good passphrase, would it then be safe to
> encrypt my backup with "gpg --symmetric ...", and put the backup where
> anyone can get it?
>
> man page for --symmetric say: "... The default symmetric cipher
> used is CAST5, but may be chosen with the --cipher-algo option.
> ...". "gpg --version" says:
>
> Home: ~/.gnupg
> Supported algorithms:
> Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
> Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
> Compression: Uncompressed, ZIP, ZLIB, BZIP2
>
> Q2) Why would I use another cipher?
>
> Q3) Are some ciphers stronger than others? If so, which is the best
> for my purpose? (is it purpose dependent which is best?)
>
> Cheers,
> Morten
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

-- 
Dion Moult :-)

From dshaw at jabberwocky.com Wed Nov 11 19:48:00 2009 
From: dshaw at jabberwocky.com (David Shaw) Date: Wed, 11 Nov 2009 13:48:00 -0500 Subject: Is it safe to put an encrypted file on a public web server In-Reply-To: <20091111154955.GB14001@opensolaris.myhome.westell.com> References: <45313CB9-C168-46EC-8B03-5A9A1CC766C3@jabberwocky.com> <20091111154955.GB14001@opensolaris.myhome.westell.com> Message-ID: <8772FA8F-F9CD-4B42-9ED6-8146147824CC@jabberwocky.com> On Nov 11, 2009, at 10:49 AM, Kevin Kammer wrote: > On Wed, Nov 11, 2009 at 09:01:09AM -0500 > Also sprach David Shaw: >> AES256 is probably the best all-round choice in GPG if you want to >> just say "strongest" and leave it at that > > AES 192 or AES 128 may actually be a more secure choice than AES 256, > until they work out the following: > > http://www.schneier.com/crypto-gram-0908.html#8 Yes, but. http://lists.gnupg.org/pipermail/gnupg-users/2009-August/037107.html David From rjh at sixdemonbag.org Thu Nov 12 04:43:06 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 11 Nov 2009 22:43:06 -0500 Subject: Error importing public key In-Reply-To: <427124.59820.qm@web50807.mail.re2.yahoo.com> References: <427124.59820.qm@web50807.mail.re2.yahoo.com> Message-ID: <4AFB844A.8090909@sixdemonbag.org> Viet H. Phan wrote: > Might there be any bugs in GnuPG 2.0.12? As the key was generated by > GnuPG 2.0.12, but then couldn't be imported to GnuPG 2.0.12 ... There certainly are bugs in GnuPG. If there weren't, they wouldn't need to release a 2.0.13 or beyond. It seems unlikely that your problem is caused by a bug, though: we would expect to see many other users with the same problem. The best thing we can do is to run down all the ways that misconfiguration can create a failure. Once all those things are eliminated, then let's wonder about bugs in GnuPG. From mokuma at co.hawaii.hi.us Wed Nov 11 03:49:11 2009 
From: mokuma at co.hawaii.hi.us (mokuma) Date: Tue, 10 Nov 2009 18:49:11 -0800 (PST) Subject: GPG encrypted ... PGP decrypted ... output file name changed Message-ID: <26294449.post@talk.nabble.com>

I've encrypted a dat file using GPG (from gpg4win-2.0.1.exe). We changed the encrypted filename from .gpg to .pgp. My counterpart used PGP -p to decrypt. The output file after the decryption comes out to "hh00001" instead of the original filename minus the pgp extension. Why is it changing it to hh00001? Is there a way on our end to encrypt it with gpg so that when it is decrypted, the resulting file is not named hh00001? I know I could tell my counterpart to use pgp -o to force the output filename but I'm hoping to avoid that.

From peter at digitalbrains.com Thu Nov 12 12:06:08 2009 
From: peter at digitalbrains.com (Peter Lebbing) Date: Thu, 12 Nov 2009 12:06:08 +0100 Subject: FSFE Fellower Card + LUKS on Startup In-Reply-To: <200911032017.28349.snope@snope.org> References: <200911032017.28349.snope@snope.org> Message-ID: <4AFBEC20.5070001@digitalbrains.com> > I think it is not a problem to decrypt the key file in the startup process, > isn't it!? Is it possible to access the card reader (omnikey 4040) and the > smartcard via gpg from the initrd ram disk? Has anyone ever tried it in a > similar way or are there any alternatives? Finally, is there a HowTo? I hacked this together on Debian squeeze. It might need a little work to get it working under another distribution. But I did not use LUKS; LUKS is based on passwords and I use the asymmetric crypto of the OpenPGP card, so I figured it made more sense to literally store the encryption key in a file encrypted to the card. I use the cryptsetup package for this (which also handles the LUKS drives, by the way). The basic idea is to include the gpg binary and its libraries, especially libusb-0.1.so.4. The libraries are handled automatically by initramfs-tools, and most, if not all except for libusb, of the libraries are already in the default initramfs. The biggest problem is that gnupg opens /dev/tty and this is not available in the initramfs. This might actually be a bug in initramfs-tools, I'm not sure. To hack a fix, I changed gnupg to open /dev/console instead. This is a hack that will only work in a very limited number of cases, so the binary I create this way is special-purpose for the initramfs. See the diff[1] below. I then use the debian build programs to build a .deb, and from that .deb extract /usr/bin/gpg. I move that binary to /usr/local/lib/cryptsetup/gpg-console (note that gpg-console is the name of the binary, not a directory). There are obviously different ways of compiling. 
I was just hacking something together and the default Debian binary was fine except for the /dev/tty thing, so I chose to build it the same way as the normal Debian binary, without even looking at other ways like a simple "make".

The cryptsetup package uses entries in /etc/crypttab for the encrypted partitions. I use something like the following entry:

    root_crypt /dev/mapper/vg1-root /etc/gpgcryptroot/root.gpg cipher=aes-cbc-essiv:sha256,size=128,hash=plain,keyscript=/etc/gpgcryptroot/decrypt_gpg

This should be one line. vg1-root is the LVM logical volume root in volume group vg1.

Next are the scripts for including and using gnupg in the initramfs. They are highly initramfs-tools specific. Secondly, they are a little big to include in this mail, so I uploaded them to [2]. This also includes the diff mentioned before.

The actual decryption is done by the script /etc/gpgcryptroot/decrypt_gpg. It does a crude check to see if it is running in the initramfs. If it is not, it takes a different approach more suitable for activating partitions from a fully running system instead of the initramfs. I'll come back to that later.

The script expects a directory with at least the following files:

pubring.gpg
    A limited public-key ring, containing only the needed key that is on the smartcard.
secring.gpg
    The limited secret-key ring, again only the needed smartcard key.
root.gpg
    The key to unlock the root. The name is irrelevant (but needs to match the /etc/crypttab entry). It is just the literal key material cryptsetup expects; 16 bytes for AES-128 as above.

Optionally a gpg.conf could be placed there if it is necessary for gpg to function correctly. I placed these files at /etc/gpgcryptroot, together with the script. Please mind the access permissions on the files and the directory; gpg expects them to be "secure" and complains otherwise.

The decrypt_gpg script invokes the special-purpose gpg binary, and it asks for the PIN of the smartcard. 
The contents of the decrypted key file are passed to cryptsetup.

The final script glues together the other components with the initramfs. I derived it from /usr/share/initramfs-tools/hooks/cryptopensc from the cryptsetup package. It should be placed at /etc/initramfs-tools/hooks/cryptgpg. The /etc/crypttab entry indicates where the files pubring.gpg, secring.gpg, root.gpg and optionally gpg.conf are, and the script copies them to the initramfs. It also copies the /usr/local/lib/cryptsetup/gpg-console binary and its libraries to the initramfs.

A few final words on which partitions (mount points) can be encrypted with this hacked-together scheme. The root is the obvious target and the only one that is somewhat tested. /boot can not be encrypted. This is a fundamental limitation; unless the BIOS or boot loader can do the decryption, you will always need something unencrypted to start from. /usr, as a separate partition, can also not be encrypted without further tweaks, because the script works either in the initramfs, or in a system with /usr/bin and possibly more already mounted. For the system I use it on, everything is in one partition. It's not my normal workstation but a protected environment to do my super secret stuff in ;).

The part of the script that does access to encrypted partitions in a fully booted system expects gpg to be able to decrypt the file successfully with its default settings. In fact, as a horrible kludge, I use "su" to load the environment normally encountered when root logs in, as environment for gpg to run in. By default, cryptsetup gives a really limited environment to the keyscripts, and this was the first I thought of that works. With "gpg with its default settings", I mean home directory, keyrings, etcetera.

I hope this all is somewhat clear. It is definitely not a step-by-step HOWTO, requires some Linux skills and is completely not peer reviewed ;).

Good luck,
Peter. 
[1] --- gnupg-1.4.9/util/ttyio.c 2007-10-23 09:55:31.000000000 +0200 +++ gnupg-1.4.9-new/util/ttyio.c 2009-10-05 17:54:25.000000000 +0200 @@ -106,7 +106,7 @@ #endif /* Assume the standard tty on memory error or when there is no ctermid. */ - return name? name : "/dev/tty"; + return "/dev/console"; } [2] From mortenkjarulff at gmail.com Thu Nov 12 15:39:47 2009 
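Review bot: the hunk returns "/dev/console" unconditionally, so the `name` that the original `return name? name : "/dev/tty";` consumed is now computed but never used, and the comment kept just above the change (`Assume the standard tty on memory error or when there is no ctermid.`) no longer describes what the function returns. Since the mail says this binary is special-purpose for the initramfs, consider keeping the original return and selecting `/dev/console` only under a compile-time define or when the initramfs is detected, and update the comment either way so the next reader is not misled.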
From: mortenkjarulff at gmail.com (=?ISO-8859-1?Q?Morten_Kj=E6rulff?=) Date: Thu, 12 Nov 2009 15:39:47 +0100 Subject: Is it safe to put an encrypted file on a public web server In-Reply-To: <20091111154955.GB14001@opensolaris.myhome.westell.com> References: <45313CB9-C168-46EC-8B03-5A9A1CC766C3@jabberwocky.com> <20091111154955.GB14001@opensolaris.myhome.westell.com> Message-ID:

Thanks. I get the point - for me, any minimal encryption would be enough, as nobody cares about my photos of my family.

On Wed, Nov 11, 2009 at 4:49 PM, Kevin Kammer wrote:
> On Wed, Nov 11, 2009 at 09:01:09AM -0500
> Also sprach David Shaw:
>> AES256 is probably the best all-round choice in GPG if you want to
>> just say "strongest" and leave it at that
>
> AES 192 or AES 128 may actually be a more secure choice than AES 256,
> until they work out the following:
>
> http://www.schneier.com/crypto-gram-0908.html#8
>
> That having been said, unless a major corporation or intelligence agency
> is interested in your data, the relative "strength" of one of these
> ciphers over another are mostly academic. Almost nobody would bother
> trying to use sophisticated cryptanalytic attacks, because there are so
> many avenues of attack that are much easier, cheaper, and still very
> effective.
>
> E.G. is your computer physically guarded 24/7? If not, how do you know
> someone hasn't put a keylogger on it? Hey--it's easier than a related-
> key attack with 2^117 complexity.
>
> -Kevin
>
> --
> "Chance favors the prepared mind."
>                       --Louis Pasteur
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

From faramir.cl at gmail.com Thu Nov 12 19:26:21 2009 
From: faramir.cl at gmail.com (Faramir) Date: Thu, 12 Nov 2009 15:26:21 -0300 Subject: Is it safe to put an encrypted file on a public web server In-Reply-To: References: <45313CB9-C168-46EC-8B03-5A9A1CC766C3@jabberwocky.com> <20091111154955.GB14001@opensolaris.myhome.westell.com> Message-ID: <4AFC534D.2080707@gmail.com>

Morten Kjærulff wrote:
> Thanks. I get the point - for me, any minimal encryption would be
> enough, as nobody cares about my photos of my family.

Then probably you want to use AES, it is supposed to be the fastest algorithm, and very secure.

Best Regards

From michel.villeneuve at gmail.com Fri Nov 13 13:20:01 2009
From: michel.villeneuve at gmail.com (Michel Villeneuve) Date: Fri, 13 Nov 2009 13:20:01 +0100 Subject: gnupg support of google wave Message-ID:

Will the new open protocol wave be supported (signing and encryption) by gnupg ?

-- 
Michel Villeneuve
43, faubourg Jean Jaurès
07700 Bourg St-Andéol
tel : (+33)(0)475547148 / (+33)(0)601981018
GnuPG Key ID 0019690E

From kloecker at kde.org Fri Nov 13 22:22:32 2009 
From: kloecker at kde.org (Ingo =?utf-8?q?Kl=C3=B6cker?=) Date: Fri, 13 Nov 2009 22:22:32 +0100 Subject: gnupg support of google wave In-Reply-To: References: Message-ID: <200911132222.32599@thufir.ingo-kloecker.de>

On Friday 13 November 2009, Michel Villeneuve wrote:
> Will the new open protocol wave be supported (signing and encryption)
> by gnupg ?

I think you are asking the question in the wrong order. You should ask whether OpenPGP will be supported by wave.

Regards,
Ingo

From hidekis at gmail.com Fri Nov 13 22:28:57 2009
From: hidekis at gmail.com (Hideki Saito) Date: Fri, 13 Nov 2009 13:28:57 -0800 Subject: gnupg support of google wave In-Reply-To: References: Message-ID: <4AFDCF99.5090300@gmail.com>

> Will the new open protocol wave be supported (signing and encryption) by gnupg ?

It's the other way around, wave should support OpenPGP, but then I'm not sure if it'll be much use. Say, if you (let's call A) start a conversation with someone, B. In this case, it wouldn't be too much of a problem communicating using OpenPGP. Then what happens if person C is added in the middle of the conversation? C wouldn't be able to decipher anything prior to his/her joining as messages are not encrypted for C.

-- 
Hideki Saito
Wave: hidekis at googlewave.com

From michel.villeneuve at gmail.com Sat Nov 14 00:03:20 2009 
From: michel.villeneuve at gmail.com (Michel Villeneuve) Date: Sat, 14 Nov 2009 00:03:20 +0100 Subject: gnupg support of google wave In-Reply-To: <4AFDCF99.5090300@gmail.com> References: <4AFDCF99.5090300@gmail.com> Message-ID:

Firstly, by "supported" I mean, if it becomes a standard communication tool, could the key creation process be modified (name, email address, comment => name, wave address, comment), because I understood that an email address cannot be a wave address. Are there deep technical issues there or just a matter of vocabulary ?

Secondly,

> Say, if you (let's call A) start conversation with someone, B. In this
> case, it wouldn't be too much of problem communicating using OpenPGP.
> Then what happens if person C is added in the middle of conversation?
> C wouldn't be able to decipher anything prior to his/her joining as
> messages are not encrypted for C.

Adding a participant to a wavelet means to me that the wavelet has to be re-encrypted by adding C's public key ... but I'm not a tech expert so it might be silly ...

-- 
Michel Villeneuve

From rjh at sixdemonbag.org Sat Nov 14 04:40:26 2009 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Fri, 13 Nov 2009 22:40:26 -0500 Subject: gnupg support of google wave In-Reply-To: References: <4AFDCF99.5090300@gmail.com> Message-ID: <4AFE26AA.50901@sixdemonbag.org> Michel Villeneuve wrote: > Firstly, by "supported" I mean, if it becomes a standard communication > tool, could creation of key process be modified (name, email adress, > comment => name wave adress comment), because I understood that an > email adress cannot be a wave adress. Is there deep technical issus > there or just a matter of vocabulary ? This is all a ton of cart-before-the-horse. Let me ask a simple question. "If someone enters into the wave, should they be able to read previous traffic?" Some people say yes, some people say no. Some use cases say it's obvious, others say obviously not. It's rash to talk about supporting a particular protocol within Wave before there's a consensus on what behaviors we want. From hs2412 at gmail.com Sat Nov 14 16:02:25 2009 
From: hs2412 at gmail.com (Hardeep Singh) Date: Sat, 14 Nov 2009 20:32:25 +0530 Subject: Interesting article on password guessing via cloud computing In-Reply-To: <20091105150519.C76832803F@smtp.hushmail.com> References: <20091105150519.C76832803F@smtp.hushmail.com> Message-ID:

Hi David Vedaal and everyone

This is something even I have thought: this seems to be a sure way to prevent such computing from being able to 'guess' the password. Why then is parallel computing being hailed as the antidote to privacy?

Regards
Hardeep Singh
http://blog.Hardeep.name
Sent from Delhi, India

On Thu, Nov 5, 2009 at 8:35 PM, wrote:
> David Shaw
> wrote on 2009-11-04 18:34:49 :
>
>>This is not, of course, an OpenPGP "crack", but rather high-speed
>>password guessing.
>
> a trivial way to defeat this,
> would be to provide each client with a pgp keypair,
> (physically presented to the client upon the initial transaction
> agreement),
> and then encrypt the zipfile to a key and not even use a passphrase
>
> what would be even more interesting,
> is if it could be done in a way that truecrypt uses to protect its
> encrypted volumes, where the user can choose to use a keyfile as
> well as a passphrase, but it cannot be determined before decryption
> if a keyfile, passphrase, both or only one, has been used
>
> so, imagine if a client has a zipfile encrypted to both a trivial
> password and to a pgp key, and it is not determinable from the
> encrypted file itself, if it was encrypted to a key as well,
>
> all the cloud computing resources available will merrily spin
> themselves into exhaustion until they decide that the passphrase is
> 'probably too long and complex to crack'
>
>
> vedaal
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

From hedgemage at binaryredneck.net Sat Nov 14 19:45:56 2009 
From: hedgemage at binaryredneck.net (Susan Stewart) Date: Sat, 14 Nov 2009 12:45:56 -0600 Subject: Trust reference Message-ID: <4AFEFAE4.5060107@binaryredneck.net>

Greetings,

I'm filing a bug for my IM client (Gajim) because it currently only allows sending of encrypted and/or signed presence or messages to contacts whose keys I trust ultimately (trust level 5). The documentation at http://gnupg.org/gph/en/manual.html#AEN346 appears out of date, as it does not mention level 5 (ultimate trust) at all.

Is there some other reference that I could link in my bug to show that ultimate trust should really be reserved for one's own keys, and that it isn't wise to ultimately trust the key of every Alice, Bob, and Mallory one would like to try encrypting a message to?

Thanks,
Susan

From david.russell.scotland at gmail.com Sat Nov 14 20:58:26 2009
From: david.russell.scotland at gmail.com (David Alexander Russell) Date: Sat, 14 Nov 2009 19:58:26 +0000 Subject: Key practice Message-ID: <4AFF0BE2.4080404@gmail.com>

I've just bought a netbook with Ubuntu preinstalled, and since integrating with GnuPG is much easier than it is on Windows I thought it would be a good idea to start using it properly. However I don't know what the 'best practice' is with regards to keypairs and so on.

I've read in a couple of places that it's a good idea to have a non-expiring 'master key', which is only used to sign (time-expiring) subkeys that one then actually uses for signing and encrypting purposes. The problem is that I'm not particularly hot on cryptography, so it has all combined to pass far over my head!

Could some kind soul please explain, in layman's terms, what I should generate and how I should use it? I'm on Ubuntu 8.04 so it's GnuPG 1.4.6 (not the newer version which defaults to RSA - I've read enough FAQs to establish that DSA is a Bad Thing) if that matters.

Thanks
David Russell

From dkg at fifthhorseman.net Sat Nov 14 22:39:38 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Sat, 14 Nov 2009 16:39:38 -0500 Subject: Trust reference In-Reply-To: <4AFEFAE4.5060107@binaryredneck.net> References: <4AFEFAE4.5060107@binaryredneck.net> Message-ID: <4AFF239A.5080000@fifthhorseman.net>

On 11/14/2009 01:45 PM, Susan Stewart wrote:
> I'm filing a bug for my IM client (Gajim) because it currently only
> allows sending of encrypted and/or signed presence or messages to
> contacts whose keys I trust ultimately (trust level 5). The
> documentation at http://gnupg.org/gph/en/manual.html#AEN346 appears out
> of date, as it does not mention level 5 (ultimate trust) at all.

If Gajim is doing this, you're quite right to file a bug about it. Gajim should not be using any ownertrust designations (ultimate or otherwise) in its decisions about who to send encrypted messages to.

Ownertrust has a very specific semantic meaning: it answers the question "how much do i trust OpenPGP certifications made by this key?" Conflating that meaning with other semantics (like "should i send this person encrypted IM messages?") is guaranteed to be wrong in many cases. Even worse, encouraging people to set any sort of ownertrust for the sake of doing something unrelated to the trustworthiness of a given keyholder's certifications is actively bad from a security standpoint -- it encourages people to adjust their tools to accept certifications that they otherwise would not accept.

Calculated validity is related to (but quite different from) ownertrust. Calculated validity says "do i believe that this key really belongs to the person identified by the User ID?" It would be reasonable if Gajim wanted to use the calculated validity of a key/userid to determine whether to encrypt messages with the key when sending to a remote party identified by the User ID. After all, if you don't know if a given key really belongs to the person you think you're talking to, encrypting to that key is meaningless.
It's meaningless because someone masquerading as the remote party could control the dubious key, and then your encryption *doesn't* do the job of hiding the message to anyone but the intended recipient. Gajim (quite reasonably) wouldn't want to let the user think they were encrypting messages that could actually be intercepted.

Feel free to forward any of this to your bug report if you find it useful.

> Is there some other reference that I could link in my bug to show that
> ultimate trust should really be reserved for one's own keys, and that
> it isn't wise to ultimately trust the key of every Alice, Bob, and
> Mallory one would like to try encrypting a message to?

Unfortunately, i don't know of good detailed references describing these concepts. DETAILS (from the gnupg source) doesn't have much to say about "ultimate", though it seems like a reasonable place to look. If no one else can point to good docs, we should write some.

Regards,
--dkg

PS just what does ultimate ownertrust mean? Ultimate ownertrust is a superset of full ownertrust. Full ownertrust says "Assuming i calculate this key to be valid (to have successfully calculated validity over at least one user ID on the key), any certification made by this key is to be considered acceptable for further validity calculations." Ultimate ownertrust removes the requirement for the key to be already-valid in order to trust the certifications. It's the OpenPGP equivalent of X.509's "Trusted Root Certificate Authority", and it's probably *not* what anyone wants for most keys.

From rjh at sixdemonbag.org Sun Nov 15 00:43:47 2009
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sat, 14 Nov 2009 18:43:47 -0500 Subject: Key practice In-Reply-To: <4AFF0BE2.4080404@gmail.com> References: <4AFF0BE2.4080404@gmail.com> Message-ID: <4AFF40B3.3090808@sixdemonbag.org>

David Alexander Russell wrote:
> However I don't know what the 'best practice' is with regards to
> keypairs and so on.

GnuPG best practices, in a single sentence: "Unless you know what you're doing and why, stick with the defaults."

This one sentence is useful for about 95% of new users' questions. GnuPG is meant to be secure by default: you don't need to know a ton of niggling little details just to use it safely.

> The problem is that I'm not particularly hot on cryptography, so it
> has all combined to pass far over my head!

You're in good company. :)

People who write these sorts of articles mean well, but it's very hard to figure out which authors actually know what they're talking about and which are just talking a good game. On top of that, even if you find an article written by someone who knows the subject, the author's recommendations might not make sense in your particular environment.

> Could some kind soul please explain, in layman's terms, what I should
> generate and how I should use it? I'm on Ubuntu 8.04 so it's GnuPG
> 1.4.6 (not the newer version which defaults to RSA - I've read enough
> FAQs to establish that DSA is a Bad Thing) if that matters.

DSA is not a Bad Thing. Whoever it was who told you this did you a disservice. If you'd like to tell us what you've heard about DSA, we would be happy to correct the misinformation you were given.

My suggestion is to "gpg --gen-key". At each step of the way, if you ever don't know what to do, just hit RETURN and go on. GnuPG will produce a high-quality keypair for you.

From david.russell.scotland at gmail.com Sun Nov 15 00:51:28 2009
From: david.russell.scotland at gmail.com (David Alexander Russell) Date: Sat, 14 Nov 2009 23:51:28 +0000 Subject: Key practice In-Reply-To: <4AFF40B3.3090808@sixdemonbag.org> References: <4AFF0BE2.4080404@gmail.com> <4AFF40B3.3090808@sixdemonbag.org> Message-ID: <4AFF4280.8050705@gmail.com>

Robert J. Hansen wrote:
> DSA is not a Bad Thing. Whoever it was who told you this did you a
> disservice. If you'd like to tell us what you've heard about DSA, we
> would be happy to correct the misinformation you were given.
>
> My suggestion is to "gpg --gen-key". At each step of the way, if you
> ever don't know what to do, just hit RETURN and go on. GnuPG will
> produce a high-quality keypair for you.

Robert,

Essentially what I read was that the default 1024-bit DSA key isn't strong enough, due to some flaw in SHA-1 which is the hash used for that size of DSA (that's as much detail as I absorbed I'm afraid) - the main link I have is the Debian website http://www.debian-administration.org/users/dkg/weblog/48 . It was my understanding that in the latest version of GnuPG, 1.4.10, the default had been changed to 2048-bit RSA for precisely this reason.

Thanks
David R

From rjh at sixdemonbag.org Sun Nov 15 02:06:52 2009
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sat, 14 Nov 2009 20:06:52 -0500 Subject: Key practice In-Reply-To: <4AFF4280.8050705@gmail.com> References: <4AFF0BE2.4080404@gmail.com> <4AFF40B3.3090808@sixdemonbag.org> <4AFF4280.8050705@gmail.com> Message-ID: <4AFF542C.2030607@sixdemonbag.org>

David Alexander Russell wrote:
> Essentially what I read was that the default 1024-bit DSA key isn't
> strong enough, due to some flaw in SHA-1 which is the hash used for that
> size of DSA (that's as much detail as I absorbed I'm afraid)

Don't believe the hype.

I don't like DSA-1024, for a lot of reasons similar to the ones in the website you linked. However, there's a big difference between saying "I don't like DSA-1024," and "DSA-1024 is insecure and shouldn't be used."

At present, it appears that breaking DSA-1024 is within the realm of plausibility for ridiculously well-equipped adversaries who are willing to spend astronomically absurd sums on breaking your key. Some people think this means "DSA-1024 is broken, don't use it."

This seems to be pretty ignorant of history. During the Cold War, the NSA spent absurd amounts of money designing beautiful, elegant ciphers, and training very skilled cipher clerks. The KGB spent small amounts of money on beautiful, elegant women and sending them to these lonely, far-from-home cipher clerks. You can figure out who was in the habit of winning those games of Spy-Vs.-Spy.

The moral of the story: no one with two brain cells to rub together is going to attack DSA-1024 cryptanalytically. Not now, and not for the reasonable future. It's going to be much, much faster and cheaper to use other kinds of attacks, attacks which are just as useful against RSA-4096 as DSA-1024.

From rjh at sixdemonbag.org Sun Nov 15 02:13:33 2009
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sat, 14 Nov 2009 20:13:33 -0500 Subject: Key practice In-Reply-To: <4AFF4280.8050705@gmail.com> References: <4AFF0BE2.4080404@gmail.com> <4AFF40B3.3090808@sixdemonbag.org> <4AFF4280.8050705@gmail.com> Message-ID: <4AFF55BD.7040704@sixdemonbag.org>

Also --

Keep in mind that I am not criticizing that weblog entry. I am only saying, "don't believe the hype." Much of what it says is accurate: it is a good idea to migrate towards better digest algorithms. Just don't believe anyone who tells you that DSA-1024 is insecure: it isn't.

That said, you can migrate to a different digest algorithm quite easily. Add these two lines to your gpg.conf file:

enable-dsa2
personal-digest-preferences SHA256 RIPEMD160 SHA1

Ta-da! Simple. :)

From mariocastelancastro at gmail.com Sun Nov 15 05:31:46 2009
From: mariocastelancastro at gmail.com (Mario Castelán Castro) Date: Sat, 14 Nov 2009 22:31:46 -0600 Subject: Problem with the agent, gpg2 Message-ID: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx>

November 14th 2009 for gnupg-users at gnupg.org subject "Problem with the agent, gpg2"

Hi, I successfully compiled and installed GNU PG 2.0.12 but when I do some operation that requires a password I get a message like the following. Can someone tell me how to fix it?

marioxcc at Q6600-0:~/emacs$ gpg2 --clearsign
You need a passphrase to unlock the secret key for
user: "Mario Xerxes Castelan Castro "
1024-bit DSA key, ID 32E27388, created 2009-08-07
gpg: problem with the agent: Not supported
gpg: no default secret key: General error
gpg: [stdin]: clearsign failed: General error

marioxcc at Q6600-0:~/emacs$ gpg2 -c
gpg: problem with the agent: Not supported
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `[stdin]' failed: Operation cancelled

From shavital at mac.com Sun Nov 15 17:13:46 2009
From: shavital at mac.com (Charly Avital) Date: Sun, 15 Nov 2009 11:13:46 -0500 Subject: Problem with the agent, gpg2 In-Reply-To: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> Message-ID: <4B0028BA.9060701@mac.com>

Mario Castelán Castro wrote the following on 11/14/09 11:31 PM:
> November 14th 2009 for gnupg-users at gnupg.org subject "Problem with the
> agent, gpg2"
>
> Hi, I successfully compiled and installed GNU PG 2.0.12 but when I do
> some operation that requires a password I get a message like the
> following.
>
> Can someone tell me how to fix it?
>
> marioxcc at Q6600-0:~/emacs$ gpg2 --clearsign
>
> You need a passphrase to unlock the secret key for
> user: "Mario Xerxes Castelan Castro "
> 1024-bit DSA key, ID 32E27388, created 2009-08-07
>
> gpg: problem with the agent: Not supported
> gpg: no default secret key: General error
> gpg: [stdin]: clearsign failed: General error
>
> marioxcc at Q6600-0:~/emacs$ gpg2 -c
> gpg: problem with the agent: Not supported
> gpg: error creating passphrase: Operation cancelled
> gpg: symmetric encryption of `[stdin]' failed: Operation cancelled

I can only guess that gpg-agent has not been properly installed, in spite of your successful compilation and installation.

Is gpg-agent pointing to the right pinentry program? It probably defaulted to one under /usr/local/ but I suspect that yours lives under /usr/ - edit ~/.gnupg/gpg-agent.conf as appropriate and restart gpg-agent.

A workaround (not the orthodox solution I'm afraid) would be to enter in ~/.gnupg/gpg-agent.conf a line that should point to the real location of pinentry in your system. Something like:

pinentry-program "path to pinentry"

Charly

From lists at kathera.com Mon Nov 16 05:29:30 2009
From: lists at kathera.com (T. Howell-Cintron) Date: Sun, 15 Nov 2009 22:29:30 -0600 Subject: Multiple Identities Message-ID: <4B00D52A.5040001@kathera.com>

I'm roughly familiar with GnuPG and have used it in the past when I had a single presence, a single e-mail address, etc.

I'm in a position now where I'm using multiple e-mail addresses, for different purposes, but want to share the same key for the sake of simplicity in my applications (Enigmail for example). I know it's possible to use one key for multiple e-mail addresses/identities but I'm not sure how to go about doing it.

Any tips would be appreciated.

Thanks,
Tom Howell-Cintron

From rjh at sixdemonbag.org Mon Nov 16 09:09:24 2009
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 16 Nov 2009 03:09:24 -0500 Subject: Multiple Identities In-Reply-To: <4B00D52A.5040001@kathera.com> References: <4B00D52A.5040001@kathera.com> Message-ID: <4B0108B4.9050505@sixdemonbag.org>

T. Howell-Cintron wrote:
> I'm in a position now where I'm using multiple e-mail addresses, for
> different purposes, but want to share the same key for the sake of
> simplicity in my applications (Enigmail for example). I know it's
> possible to use one key for multiple e-mail addresses/identities but I'm
> not sure how to go about doing it.
>
> Any tips would be appreciated.

You will need your key ID for this. For instance, my key ID is 0xD6B98E10. Substitute your own key ID for mine in these instructions.

gpg --edit-key 0xD6B98E10
adduid

Enter the name, email address and comment you want associated with the key; follow the prompts. It's pretty straightforward.

Once you have it done, send it to the keyservers so that everyone can find your key under your new email address:

gpg --keyserver x-hkp://pool.sks-keyservers.net --send-key 0xD6B98E10

Presto, done.

From golubcovmv at mail.ru Mon Nov 16 10:32:32 2009
From: golubcovmv at mail.ru (Михаил Голубцов (maill.ru)) Date: Mon, 16 Nov 2009 14:32:32 +0500 Subject: avoid gnupg questions Message-ID: <32233455.20091116143232@mail.ru>

Hello!

Is there a way to get rid of any insignificant gnupg questions? I'm trying to encrypt automatically a file using a public key of other company. I use command like that:

gpg -r some_user_ID -e some_file

but gnupg asks me (and I understand what):

"gpg:C098CB23: Es gibt keine Garantie, daß dieser Schlüssel wirklich dem angegebenen Besitzer gehört. ... Es ist NICHT sicher, daß der Schlüssel zu dem in der User-ID Genannten gehört. Wenn Sie *wirklich* wissen, was Sie tun, können Sie die nächste Frage mit ja beantworten Diesen Schlüssel trotzdem benutzen? (j/N)"

The public key I use for encryption is self-signed and I suppose this is a cause of that question. But I really can't do anything with this key.

Could you help me, please? I wonder if you show me a way how to solve this problem.

-------
Looking for your reply,
Michael Golubcov

From rjh at sixdemonbag.org Mon Nov 16 15:24:47 2009
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 16 Nov 2009 09:24:47 -0500 Subject: avoid gnupg questions In-Reply-To: <32233455.20091116143232@mail.ru> References: <32233455.20091116143232@mail.ru> Message-ID: <4B0160AF.2080206@sixdemonbag.org>

Михаил Голубцов (maill.ru) wrote:
> Could you help me, please? I wonder if you show me a way how to solve
> this problem.

This problem will go away if you sign the recipient's public key. Alternatively, you can add "trust-model always" to your gpg.conf file. The former is generally preferred, but either one will do.

From mariocastelancastro at gmail.com Mon Nov 16 17:08:41 2009
From: mariocastelancastro at gmail.com (Mario Castelán Castro) Date: Mon, 16 Nov 2009 10:08:41 -0600 Subject: Problem with the agent, gpg2 In-Reply-To: <4B0028BA.9060701@mac.com> References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> Message-ID:

November 16th 2009 for gnupg-users at gnupg.org, subject "Problem with the agent, gpg2"

I do not have that pinentry program. GNU PG 1.4.9 (the one that comes with Debian) does not give me that message but I need the new version of GNU PG.

From faramir.cl at gmail.com Mon Nov 16 19:08:57 2009
From: faramir.cl at gmail.com (Faramir) Date: Mon, 16 Nov 2009 15:08:57 -0300 Subject: Problem with the agent, gpg2 In-Reply-To: References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> Message-ID: <4B019539.10500@gmail.com>

Mario Castelán Castro wrote:
> November 16th 2009 for gnupg-users at gnupg.org, subject "Problem with
> the agent, gpg2"
>
> I do not have that pinentry program. GNU PG 1.4.9 (the one that comes
> with Debian) does not give me that message but I need the new version of
> GNU PG.

There are 2 new versions, GnuPG 1.4.10, and GnuPG 2.x (I don't remember the current value of x), which is a bit harder to use. GnuPG 1.4.10 includes the Camellia algorithm and has changed the default settings for key creation, but other than that, it is almost the same as GnuPG 1.4.9, AFAIK.

I don't know why you need GPG 2.x; I know some people have chosen to stay with 1.4.X, because they don't need the X.509 capabilities that are the difference between version 1.4.X and 2.X.

Best Regards

From John at Mozilla-Enigmail.org Mon Nov 16 21:10:37 2009
From: John at Mozilla-Enigmail.org (John Clizbe) Date: Mon, 16 Nov 2009 14:10:37 -0600 Subject: Multiple Identities In-Reply-To: <4B00D52A.5040001@kathera.com> References: <4B00D52A.5040001@kathera.com> Message-ID: <4B01B1BD.1040404@Mozilla-Enigmail.org>

T. Howell-Cintron wrote:
> I'm roughly familiar with GnuPG and have used it in the past when I had
> a single presence, a single e-mail address, etc.
>
> I'm in a position now where I'm using multiple e-mail addresses, for
> different purposes, but want to share the same key for the sake of
> simplicity in my applications (Enigmail for example). I know it's
> possible to use one key for multiple e-mail addresses/identities but I'm
> not sure how to go about doing it.
>
> Any tips would be appreciated.

If using Enigmail in your copy of Thunderbird: OpenPGP --> Key Management. Click the key you wish to modify and either from the Edit menu or right-click and select Manage User IDs. Click Add. Fill in Name, Email Address and any Comment. Click OK.

From a command (aka DOS) window:

gpg --edit-key 0xdecafbad
adduid

Answer the prompts for Real name:, Email address:, & Comment:

If all looks fine, select (O)kay to commit the change.

--
John P. Clizbe Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels"

From shavital at mac.com Mon Nov 16 21:45:05 2009
From: shavital at mac.com (Charly Avital) Date: Mon, 16 Nov 2009 15:45:05 -0500 Subject: Problem with the agent, gpg2 In-Reply-To: References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> Message-ID: <4B01B9D1.1010800@mac.com>

Mario Castelán Castro wrote the following on 11/16/09 11:08 AM:
> November 16th 2009 for gnupg-users at gnupg.org, subject "Problem with
> the agent, gpg2"
>
> I do not have that pinentry program. GNU PG 1.4.9 (the one that comes
> with Debian) does not give me that message but I need the new version of
> GNU PG.

GnuPG 1.* (currently 1.4.10) does not need pinentry.

pinentry is the interface used by gpg-agent to enter the pin (or the passphrase), that will be cached (not written to disk) by gpg-agent.

Your query related to gpg 2.0.12 that you had compiled under Linux, but that didn't work.

For differences between GnuPG 1.* and gpg 2.*, please see

Charly
I currently use gpg2 both under MacOSX and under Linux.

From CONNIE.RODRIGUEZ at childrens.com Mon Nov 16 23:09:41 2009
From: CONNIE.RODRIGUEZ at childrens.com (CONNIE RODRIGUEZ) Date: Mon, 16 Nov 2009 16:09:41 -0600 Subject: gpg: decryption failed: secret key not available Message-ID: <4B017945.632C.0028.0@childrens.com>

I hope someone can help. I can encrypt files for our vendor but they cannot decrypt as it errors to secret key not available. I signed the vendor's public key after I imported it into the unix system. Any ideas?

Thank you in advance for any help anyone can provide.

Connie Rodriguez
Enterprise Application Analyst
Children's Medical Center Dallas
1935 Medical District Drive
Dallas, Texas 75235
(214) 456-8480

From dougb at dougbarton.us Mon Nov 16 23:30:33 2009
From: dougb at dougbarton.us (Doug Barton) Date: Mon, 16 Nov 2009 14:30:33 -0800 Subject: gpg: decryption failed: secret key not available In-Reply-To: <4B017945.632C.0028.0@childrens.com> References: <4B017945.632C.0028.0@childrens.com> Message-ID: <4B01D289.6030505@dougbarton.us>

CONNIE RODRIGUEZ wrote:
> I hope someone can help. I can encrypt files for our vendor but they cannot decrypt as it errors to secret key not available. I signed the vendor's public key after I imported it into the unix system. Any ideas?

Likely 1 of 3 problems:

1. You're not encrypting it to their key
2. The public key they sent you does not match the private key they have on their end
3. The person trying to decrypt the file does not have pgp set up properly and/or does not have access to the private key.

I would start debugging this by asking the person to send me a list of the key ids and fingerprints of the private keys that their pgp program can "see" and compare that to what you have.

Good luck,

Doug

--
Improve the effectiveness of your Internet presence with a domain name makeover! http://SupersetSolutions.com/

From dougb at dougbarton.us Mon Nov 16 23:33:55 2009
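The comparison Doug suggests can be done mechanically rather than by eye. The script below is an added example, not Doug's or GnuPG's code: it assumes both sides produce their listings with `gpg --with-colons --fingerprint` (the sender with `--list-keys`, the recipient with `--list-secret-keys`) in the colon-separated format documented in GnuPG's DETAILS file, and it matches the encryption-capable key the sender uses against the full fingerprints of the recipient's secret keys. The listings, key IDs and fingerprints in it are constructed samples, not real keys.

```python
"""Check whether the recipient holds the secret half of the key a sender
encrypts to (an added example; the listings below are constructed samples).

Both listings are assumed to come from `gpg --with-colons --fingerprint`:
`--list-keys` on the sender's side, `--list-secret-keys` on the recipient's.
"""

# Sender side: the vendor's public key as imported and encrypted to.
SENDER_LISTING = """\
pub:f:2048:1:0123456789ABCDEF:1258300000:0::-:::scESC::::::
fpr:::::::::AAAA000011112222333344445555666677778888:
uid:f::::1258300000::::Vendor Key (constructed sample) <vendor@example.com>::::::::::0:
sub:f:2048:1:FEDCBA9876543210:1258300000:0:::::e::::::
fpr:::::::::BBBB000011112222333344445555666677778888:
"""

# Recipient side, failing case: the secret keyring holds a different keypair
# (for example an older one) than the public key the vendor sent out.
RECIPIENT_SECRETS_MISMATCH = """\
sec::2048:1:1111222233334444:1258200000:0::-:::scESC::::::
fpr:::::::::CCCC000011112222333344445555666677778888:
uid::::::::::Vendor Key (older, constructed sample) <vendor@example.com>::::::::::0:
ssb::2048:1:5555666677778888:1258200000:0:::::e::::::
fpr:::::::::DDDD000011112222333344445555666677778888:
"""

# Recipient side, working case: the encryption subkey's secret half is present.
RECIPIENT_SECRETS_OK = """\
sec::2048:1:0123456789ABCDEF:1258300000:0::-:::scESC::::::
fpr:::::::::AAAA000011112222333344445555666677778888:
uid::::::::::Vendor Key (constructed sample) <vendor@example.com>::::::::::0:
ssb::2048:1:FEDCBA9876543210:1258300000:0:::::e::::::
fpr:::::::::BBBB000011112222333344445555666677778888:
"""

KEY_RECORDS = {"pub", "sub", "sec", "ssb"}


def parse_colon_listing(text):
    """Turn a --with-colons listing into a list of key records.

    In a pub/sub/sec/ssb record field 5 is the long key ID and field 12 the
    capabilities (lowercase e/s/c/a = this key's own; uppercase = what the
    whole key can do). An `fpr` record carries, in field 10, the fingerprint
    of the key record immediately before it.
    """
    keys = []
    for line in text.splitlines():
        fields = line.split(":")
        if fields[0] in KEY_RECORDS:
            keys.append({"kind": fields[0], "keyid": fields[4],
                         "caps": fields[11], "fpr": None})
        elif fields[0] == "fpr" and keys:
            keys[-1]["fpr"] = fields[9]
    return keys


def encryption_keys(keys):
    """The keys gpg will actually encrypt to: those with the lowercase 'e'
    capability (normally an encryption subkey, not the primary key)."""
    return [k for k in keys if "e" in k["caps"]]


def check_recipient(sender_listing, recipient_secret_listing):
    """For each key the sender encrypts to, report whether the recipient holds
    its secret half. Returns a list of (keyid, fingerprint, status)."""
    their = parse_colon_listing(recipient_secret_listing)
    their_fprs = {k["fpr"] for k in their if k["fpr"]}
    their_keyids = {k["keyid"] for k in their}
    report = []
    for k in encryption_keys(parse_colon_listing(sender_listing)):
        if k["fpr"] in their_fprs:
            status = "ok"
        elif k["keyid"] in their_keyids:
            # Same 64-bit key ID but a different fingerprint: always compare
            # the full fingerprint, never just the ID.
            status = "keyid-collision"
        else:
            status = "no-secret-key"
        report.append((k["keyid"], k["fpr"], status))
    return report


if __name__ == "__main__":
    for name, listing in (("mismatch", RECIPIENT_SECRETS_MISMATCH),
                          ("ok", RECIPIENT_SECRETS_OK)):
        for keyid, fpr, status in check_recipient(SENDER_LISTING, listing):
            print(f"{name}: 0x{keyid} {fpr} -> {status}")
```

A "no-secret-key" result for the only encryption-capable key is Doug's case 2 (or case 1, if the sender's `-r` picked a different key than intended); the recipient then needs the secret key that matches the fingerprint the sender is using, which no amount of signing the public key on the sender's side can fix.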
From: dougb at dougbarton.us (Doug Barton) Date: Mon, 16 Nov 2009 14:33:55 -0800 Subject: Multiple Identities In-Reply-To: <4B00D52A.5040001@kathera.com> References: <4B00D52A.5040001@kathera.com> Message-ID: <4B01D353.6080106@dougbarton.us>

T. Howell-Cintron wrote:
> I'm roughly familiar with GnuPG and have used it in the past when I had
> a single presence, a single e-mail address, etc.
>
> I'm in a position now where I'm using multiple e-mail addresses, for
> different purposes, but want to share the same key for the sake of
> simplicity in my applications (Enigmail for example). I know it's
> possible to use one key for multiple e-mail addresses/identities but I'm
> not sure how to go about doing it.

The customary way to do this is to create new uids, which other people have already mentioned. However depending on what you're trying to do it's not mandatory that you do so. For example, in enigmail you can specify the key to use for an account by its key id, which should work fine regardless of the e-mail address associated with the account. OTOH, if you're expecting the people on the other end to encrypt mail sent to you on one of the addresses that is not part of your key, you could run into "issues."

hth,

Doug

--
Improve the effectiveness of your Internet presence with a domain name makeover! http://SupersetSolutions.com/

From melikamp at melikamp.com Tue Nov 17 06:51:49 2009
From: melikamp at melikamp.com (Melikamp The Medley) Date: Tue, 17 Nov 2009 00:51:49 -0500 Subject: is it possible to decide what is a gpg file Message-ID: <4B0239F5.6000601@melikamp.com>

Hi everyone!

I have a question relating to the symmetric encryption. If I do

gpg -c foo-file

and enter a passphrase, I get an encrypted foo-file.gpg. Is there a way to tell that it is an encrypted file just by looking at the contents? I mean, is there a reliable way to tell that something is _not_ an encrypted file?

From benoit.andry at orange-ftgroup.com Mon Nov 16 16:12:53 2009
From: benoit.andry at orange-ftgroup.com (benoit.andry at orange-ftgroup.com) Date: Mon, 16 Nov 2009 16:12:53 +0100 Subject: [gpgol] bug in GPA during decryption Message-ID: <30569_1258384375_4B016BF7_30569_2002_1_EB0526E758E4764B9B5186295C5790C903C489EB@PUEXCBJ0.nanterre.francetelecom.fr>

Hello,

have installed Gpg4win 2.0.1 (2009-09-28). Default setup.
am running windows XP SP2 outlook 2003 -(11.8206.8221) SP3

I managed to create the keys and import someone else's key. No pbm sending encrypted email - they are ok at the destination, but cannot view them in the sent items folder locally (see error in the capture). Cannot view encrypted received emails also with the same error.

Any advice will be greatly appreciated.

Have a great day,
Benoît Andry

[Attachment pgperror.JPG (image/jpeg, 121329 bytes) was scrubbed by the list archive.]

From timo.lindfors at iki.fi Tue Nov 17 14:42:44 2009
From: timo.lindfors at iki.fi (Timo Juhani Lindfors) Date: Tue, 17 Nov 2009 15:42:44 +0200 Subject: sign emails on untrusted computer but keep key material on a separate computer? Message-ID: <84aayl5ktn.fsf@sauna.l.org>

Hi,

I'd like to use my MUA on a regular desktop computer that also runs web browsers and other potentially buggy software. I don't want to have my PGP keys on that computer. However, would it still be possible for the MUA to ask a separate computer to sign emails for me? (The separate computer has its own keyboard and display so that I can see what I am about to sign.)

gpg-agent listens on a unix socket. There's a patch to add unix socket forwarding support to openssh. However, the gpg-agent protocol only transmits a hash of the message to be signed. This is not enough, I have no way of knowing what I am actually signing.

1) Could gpg-agent protocol be extended to support sending the complete message to be signed and not just its hash?

2) Is there already some existing protocol that I could use?

From melikamp at melikamp.com Tue Nov 17 16:52:29 2009
From: melikamp at melikamp.com (Melikamp The Medley) Date: Tue, 17 Nov 2009 10:52:29 -0500 Subject: Is it possible to decide what is a gpg file? Message-ID: <4B02C6BD.4010000@melikamp.com>

Hi everyone!

Sorry if you get two of these, I screwed up while subscribing to the list.

I have a question relating to the symmetric encryption. If I do

gpg -c foo-file

and enter a passphrase, I get an encrypted foo-file.gpg. Is there a way to tell that it is an encrypted file just by looking at the contents? I mean, is there a reliable way to tell that something is _not_ an encrypted file?

From timo.lindfors at iki.fi Tue Nov 17 18:04:43 2009
From: timo.lindfors at iki.fi (Timo Juhani Lindfors) Date: Tue, 17 Nov 2009 19:04:43 +0200 Subject: Is it possible to decide what is a gpg file? In-Reply-To: <4B02C6BD.4010000@melikamp.com> (Melikamp The Medley's message of "Tue, 17 Nov 2009 10:52:29 -0500") References: <4B02C6BD.4010000@melikamp.com> Message-ID: <844oot5bh0.fsf@sauna.l.org>

Melikamp The Medley writes:
> and enter a passphrase, I get an encrypted foo-file.gpg.

gpg seems to be able to determine the cipher used:

$ gpg foo-file.gpg
gpg: CAST5 encrypted data

From dave.smith at st.com Tue Nov 17 17:28:17 2009
From: dave.smith at st.com (David SMITH) Date: Tue, 17 Nov 2009 16:28:17 +0000 Subject: Is it possible to decide what is a gpg file? In-Reply-To: <4B02C6BD.4010000@melikamp.com> References: <4B02C6BD.4010000@melikamp.com> Message-ID: <20091117162817.GN4347@bristol.st.com>

On Tue, Nov 17, 2009 at 10:52:29AM -0500, Melikamp The Medley wrote:
> Sorry if you get two of these, I screwed up while subscribing
> to the list.
>
> I have a question relating to the symmetric encryption. If I do
>
> gpg -c foo-file
>
> and enter a passphrase, I get an encrypted foo-file.gpg.
> Is there a way to tell that it is an encrypted file just by
> looking at the contents? I mean, is there a reliable way to
> tell that something is _not_ an encrypted file?

Depends on what you mean by "reliable"...

I'm sure if you read RFC-4880, you could work out a byte pattern that would give a very good indication, for most practical purposes.

However, it would probably be possible for someone to generate a file artificially in a deliberate attempt to fool the filetype detection mechanism. So, it's not "reliable" because it can be fooled intentionally, but for most likely scenarii (i.e. where people aren't deliberately trying to fool it), it would work.

If you're running on UNIX (particularly Linux), look at 'man file'.

--
David Smith | Tel: +44 (0)1454 462380 Home: +44 (0)1454 616963
STMicroelectronics | Fax: +44 (0)1454 462305 Mobile: +44 (0)7932 642724
1000 Aztec West | TINA: 065 2380 GPG Key: 0xF13192F2
Almondsbury | Work Email: Dave.Smith at st.com
BRISTOL, BS32 4SQ | Home Email: David.Smith at ds-electronics.co.uk

From melikamp at melikamp.com Tue Nov 17 18:38:16 2009
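The "byte pattern" David points at is the OpenPGP packet header framing of RFC 4880 (section 4.2). The script below is an added example, not David's or GnuPG's code: it walks the packet headers of a binary file and classifies it by its leading packets, since `gpg -c` output begins with a Symmetric-Key Encrypted Session Key packet (tag 3) followed by an encrypted data packet (tag 9 or 18), whereas `gpg -e` output begins with a Public-Key Encrypted Session Key packet (tag 1). The sample bytes are constructed to match that layout, not captured from gpg, and the check carries exactly the caveat David gives: a file deliberately built to start with valid headers passes it, and data that is merely random fails it, so it is a practical indicator and not proof.

```python
"""Classify a file as OpenPGP data by parsing its packet headers (RFC 4880
section 4.2). An added example; SAMPLE_GPG_C below is constructed, not real
gpg output, though it follows the layout `gpg -c` produces."""

PKESK, SKESK, SYMENC, SEIPD = 1, 3, 9, 18   # packet tags, RFC 4880 section 4.3


def parse_packet_headers(data):
    """Return (tag, body_length) for each packet header in `data`.

    Only headers are walked; packet bodies are skipped by their declared
    length. Parsing stops at an indeterminate or partial body length, and a
    byte whose bit 7 is clear means this is not an OpenPGP packet stream.
    """
    packets = []
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError(f"byte {pos}: bit 7 clear, not a packet header")
        if ctb & 0x40:                              # new-format header
            tag = ctb & 0x3F
            first = data[pos + 1]
            if first < 192:
                length, hdr = first, 2
            elif first < 224:
                length = ((first - 192) << 8) + data[pos + 2] + 192
                hdr = 3
            elif first == 255:
                length = int.from_bytes(data[pos + 2:pos + 6], "big")
                hdr = 6
            else:                                   # partial body length
                packets.append((tag, None))
                break
        else:                                       # old-format header
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:                          # indeterminate length
                packets.append((tag, None))
                break
            n = 1 << ltype                          # 1, 2 or 4 length octets
            length = int.from_bytes(data[pos + 1:pos + 1 + n], "big")
            hdr = 1 + n
        packets.append((tag, length))
        pos += hdr + length
    return packets


def classify_openpgp(data):
    """'symmetric' for gpg -c output, 'public-key' for gpg -e output,
    'armored' for ASCII armor (base64 would have to be decoded first),
    'openpgp-other' for a packet stream that is something else (a key,
    a detached signature, ...), 'not-openpgp' if the headers do not parse."""
    if data.startswith(b"-----BEGIN PGP "):
        return "armored"
    try:
        tags = [t for t, _ in parse_packet_headers(data)]
    except (ValueError, IndexError):
        return "not-openpgp"
    if not tags:
        return "not-openpgp"
    # gpg may emit several session-key packets (e.g. a passphrase and a key).
    i = 0
    while i < len(tags) and tags[i] in (PKESK, SKESK):
        i += 1
    if i and i < len(tags) and tags[i] in (SYMENC, SEIPD):
        return "public-key" if PKESK in tags[:i] else "symmetric"
    return "openpgp-other"


# Constructed stand-in for `gpg -c` output: SKESK (CAST5, iterated+salted
# S2K with SHA-1) followed by a 20-byte SEIPD packet of placeholder bytes.
SAMPLE_GPG_C = bytes([
    0x8C, 0x0D,              # old-format header: tag 3, one length octet = 13
    0x04, 0x03, 0x03, 0x02,  # version 4, cipher 3 (CAST5), S2K type 3, hash 2 (SHA-1)
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,  # 8-byte salt (constructed)
    0x60,                    # S2K iteration count octet
    0xD2, 0x14,              # new-format header: tag 18 (SEIPD), length 20
]) + bytes(range(20))        # placeholder for the ciphertext body


if __name__ == "__main__":
    for label, blob in (("sample", SAMPLE_GPG_C), ("text", b"hello\n")):
        print(label, classify_openpgp(blob))
```

The check answers Melikamp's question only in one direction: a file whose leading bytes do not parse as packet headers is not a `gpg` output file, while a file that does parse has the shape of one. `gpg --list-packets` prints the same header walk with more detail and is the quicker way to inspect a single file by hand.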
From: melikamp at melikamp.com (Melikamp T. Medley)
Date: Tue, 17 Nov 2009 12:38:16 -0500
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <20091117162817.GN4347@bristol.st.com>
References: <4B02C6BD.4010000@melikamp.com> <20091117162817.GN4347@bristol.st.com>
Message-ID: <4B02DF88.5080003@melikamp.com>

Thanks for your answers, David, Timo.

A somewhat related question: is there a tool that is designed to produce "undetectable" encryption, i.e. something that is very plausibly random? I gather from your answers that gpg does not do that.

From mariocastelancastro at gmail.com Tue Nov 17 21:54:29 2009
From: mariocastelancastro at gmail.com (Mario Castelán Castro)
Date: Tue, 17 Nov 2009 14:54:29 -0600
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <20091117162817.GN4347@bristol.st.com>
References: <4B02C6BD.4010000@melikamp.com> <20091117162817.GN4347@bristol.st.com>
Message-ID:

November 17th for David SMITH

Linux does not have a file command; that belongs to the rest of the OS.

Linux is only a kernel that is commonly used with the GNU Operating System, but the name for that system is GNU or GNU/Linux.

In advance thanks for your understanding.

2009/11/17 David SMITH :
> On Tue, Nov 17, 2009 at 10:52:29AM -0500, Melikamp The Medley wrote:
>> Sorry if you get two of these, I screwed up while subscribing
>> to the list.
>>
>> I have a question relating to the symmetric encryption. If I do
>>
>> gpg -c foo-file
>>
>> and enter a passphrase, I get an encrypted foo-file.gpg.
>> Is there a way to tell that it is an encrypted file just by
>> looking at the contents? I mean, is there a reliable way to
>> tell that something is _not_ an encrypted file?
>
> Depends on what you mean by "reliable"...
>
> I'm sure if you read RFC-4880, you could work out a byte pattern that
> would give a very good indication, for most practical purposes.
>
> However, it would probably be possible for someone to generate a file
> artificially in a deliberate attempt to fool the filetype detection
> mechanism. So, it's not "reliable" because it can be fooled
> intentionally, but for most likely scenarios (i.e. where people aren't
> deliberately trying to fool it), it would work.
>
> If you're running on UNIX (particularly Linux), look at 'man file'.

From mariocastelancastro at gmail.com Tue Nov 17 22:04:32 2009
From: mariocastelancastro at gmail.com (Mario Castelán Castro)
Date: Tue, 17 Nov 2009 15:04:32 -0600
Subject: Problem with the agent, gpg2
In-Reply-To: <4B01B9D1.1010800@mac.com>
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> <4B01B9D1.1010800@mac.com>
Message-ID:

November 17th for gnupg-users at gnupg.org

I need GNU PG 2 because I want to get out of the 1024 bits limit and SHA forced for DSA; I want my next key (2010-2012) to be more secure and accept some SHA2.

Charly Avital: Please note that Linux is a kernel commonly mixed with the GNU Operating System; a correct name for that mix is GNU/Linux, but only "Linux" is not correct.

In advance thanks for your understanding.

From rjh at sixdemonbag.org Tue Nov 17 22:20:43 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 17 Nov 2009 16:20:43 -0500
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4B02C6BD.4010000@melikamp.com>
References: <4B02C6BD.4010000@melikamp.com>
Message-ID: <4B0313AB.70807@sixdemonbag.org>

Melikamp The Medley wrote:
> I mean, is there a reliable way to tell that something is _not_ an
> encrypted file?

If you mean, "a reliable way to tell that something is not an OpenPGP-encrypted file," then yes: check the OpenPGP header at the beginning of the message.

If you mean, "a reliable way to tell that something is not an encrypted file, period," then no, not really.

There are a lot of qualifiers on the "no, not really." A lot of Ph.D. theses have been written on this subject: it ties into some really deep areas of theoretical computer science. If you want to learn more about the qualifiers, I'd suggest reading up on algorithmic randomness and Kolmogorov-Chaitin complexity. It won't be easy reading, but speaking personally, I find this stuff fascinating.

From rjh at sixdemonbag.org Tue Nov 17 22:29:02 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 17 Nov 2009 16:29:02 -0500
Subject: Problem with the agent, gpg2
In-Reply-To:
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> <4B01B9D1.1010800@mac.com>
Message-ID: <4B03159E.1030206@sixdemonbag.org>

Mario Castelán Castro wrote:
> I need GNU PG 2 because I want to get out of the 1024 bits limit and
> SHA forced for DSA, I want my next key (2010-2012) to be more secure
> and accept some SHA2.

GnuPG 1.4.7 or later (? on the precise version #) supports longer DSAs and better hash algorithms. You don't need GnuPG 2.x for that.

> Charly Avital: Please note that Linux is a kernel commonly mixed with
> the GNU Operating System, a correct name for that mix is GNU/Linux,
> but only "Linux" is not correct.

You are free to call it GNU/Linux if you wish. Likewise, Charly is free to just call it "Ubuntu" or "Fedora" or "Linux Mint" or whatever else is clear and unambiguous, depending on what he wishes. Let's not start a holy war over what the One True Name of the operating system is.

From faramir.cl at gmail.com Tue Nov 17 22:54:53 2009
From: faramir.cl at gmail.com (Faramir)
Date: Tue, 17 Nov 2009 18:54:53 -0300
Subject: Problem with the agent, gpg2
In-Reply-To:
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> <4B01B9D1.1010800@mac.com>
Message-ID: <4B031BAD.7040806@gmail.com>

Mario Castelán Castro wrote:
> November 17th for gnupg-users at gnupg.org
>
> I need GNU PG 2 because I want to get out of the 1024 bits limit and
> SHA forced for DSA, I want my next key (2010-2012) to be more secure
> and accept some SHA2.

You don't need to change to GnuPG 2 for that. GnuPG 1.4.9 (and probably other earlier versions) already supports DSA2 and RSA keys, even if the default for new key generation is DSA 1024 / ElGamal 2048. You can enable DSA2 in the gpg.conf file, which would allow you to use DSA 2048, or you can choose RSA keys, which can be 1024, 2048 or 4096. GnuPG 1.4.10 already uses RSA 2048 as the default for generation of new keys.

Best Regards

From dshaw at jabberwocky.com Tue Nov 17 23:39:44 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue, 17 Nov 2009 17:39:44 -0500
Subject: Is it possible to decide what is a gpg file?
In-Reply-To:
References: <4B02C6BD.4010000@melikamp.com> <20091117162817.GN4347@bristol.st.com>
Message-ID: <9FB29A72-14DD-440D-BC78-8A948B683313@jabberwocky.com>

On Nov 17, 2009, at 3:54 PM, Mario Castelán Castro wrote:
> November 17th for David SMITH
>
> Linux does not have a file command; that belongs to the rest of the OS.
>
> Linux is only a kernel that is commonly used with the GNU Operating
> System, but the name for that system is GNU or GNU/Linux.

Please stop doing this. Some people call it "GNU/Linux". Some people (the vast majority, at least in the US) call nearly any machine running a Linux kernel "Linux". Some people genuinely don't care. The important thing here is that it's not particularly relevant to the discussion of GnuPG.

David

From dshaw at jabberwocky.com Tue Nov 17 23:49:41 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue, 17 Nov 2009 17:49:41 -0500
Subject: Problem with the agent, gpg2
In-Reply-To: <4B03159E.1030206@sixdemonbag.org>
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> <4B01B9D1.1010800@mac.com> <4B03159E.1030206@sixdemonbag.org>
Message-ID:

On Nov 17, 2009, at 4:29 PM, Robert J. Hansen wrote:
> Mario Castelán Castro wrote:
>> I need GNU PG 2 because I want to get out of the 1024 bits limit and
>> SHA forced for DSA, I want my next key (2010-2012) to be more secure
>> and accept some SHA2.
>
> GnuPG 1.4.7 or later (? on the precise version #) supports longer DSAs
> and better hash algorithms. You don't need GnuPG 2.x for that.

1.4.4, to be precise. That's mid-2006, so it's been supported for a good long time.

DSA2 is not, incidentally, the default, which might be the root of the confusion here. You need to run with --enable-dsa2 to get longer DSA keys with larger hash support.

David

From dshaw at jabberwocky.com Tue Nov 17 23:50:24 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue, 17 Nov 2009 17:50:24 -0500
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4B02DF88.5080003@melikamp.com>
References: <4B02C6BD.4010000@melikamp.com> <20091117162817.GN4347@bristol.st.com> <4B02DF88.5080003@melikamp.com>
Message-ID:

On Nov 17, 2009, at 12:38 PM, Melikamp T. Medley wrote:
> Thanks for your answers, David, Timo.
>
> A somewhat related question: is there a tool that is designed
> to produce "undetectable" encryption, i.e. something that is
> very plausibly random? I gather from your answers that gpg does
> not do that.

That is correct, GPG does not do that. In theory, you could transform GPG output in such a way to make it (plausibly) appear random. The difficulty in practice is that my plausible and someone else's plausible may not match up - and you also would need a plausible reason why you chose to hang on to a bunch of large "random" files on your machine ;)

If you did some OpenPGP packet manipulation, you could probably do fairly well here... but you'd have to do some work on the receiving side to re-create a valid OpenPGP message so GPG could decrypt it.

David

From John at Mozilla-Enigmail.org Wed Nov 18 00:34:44 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Tue, 17 Nov 2009 17:34:44 -0600
Subject: [gpgol] bug in GPA during decryption
In-Reply-To: <30569_1258384375_4B016BF7_30569_2002_1_EB0526E758E4764B9B5186295C5790C903C489EB@PUEXCBJ0.nanterre.francetelecom.fr>
References: <30569_1258384375_4B016BF7_30569_2002_1_EB0526E758E4764B9B5186295C5790C903C489EB@PUEXCBJ0.nanterre.francetelecom.fr>
Message-ID: <4B033314.5020006@Mozilla-Enigmail.org>

benoit.andry at orange-ftgroup.com wrote:
> Hello,
>
> have installed Gpg4win 2.0.1 (2009-09-28). Default setup.
> am running windows XP SP2
> outlook 2003 -(11.8206.8221) SP3
>
> I managed to create the keys and import someone else's key.
> No pbm sending encrypted email - they are ok at the destination, but
> cannot view them in the sent items folder locally (see error in the
> capture).

You most likely need to add your own key to the list of recipients

See --encrypt-to and --default-recipient in the documentation

--
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net
or mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From dougb at dougbarton.us Wed Nov 18 01:04:41 2009
From: dougb at dougbarton.us (Doug Barton)
Date: Tue, 17 Nov 2009 16:04:41 -0800
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <844oot5bh0.fsf@sauna.l.org>
References: <4B02C6BD.4010000@melikamp.com> <844oot5bh0.fsf@sauna.l.org>
Message-ID: <4B033A19.4050001@dougbarton.us>

Timo Juhani Lindfors wrote:
> Melikamp The Medley writes:
>> and enter a passphrase, I get an encrypted foo-file.gpg.
>
> gpg seems to be able to determine the cipher used:
>
> $ gpg foo-file.gpg
> gpg: CAST5 encrypted data

When I try this with gpg2 I get the following:

gpg2 bunsen_honeydew.jpg.gpg
gpg: error reading key: No public key

I get the same result with a file encrypted to a public key (as this one was) and with a symmetrically encrypted file. Am I doing something wrong here?

Doug

--
Improve the effectiveness of your Internet presence with a domain name makeover! http://SupersetSolutions.com/

From dougb at dougbarton.us Wed Nov 18 01:09:42 2009
From: dougb at dougbarton.us (Doug Barton)
Date: Tue, 17 Nov 2009 16:09:42 -0800
Subject: Problem with the agent, gpg2
In-Reply-To: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx>
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx>
Message-ID: <4B033B46.9030303@dougbarton.us>

Mario Castelán Castro wrote:
> November 14th 2009 for gnupg-users at gnupg.org subject "Problem with the
> agent, gpg2"
>
> Hi, I successfully compiled and installed GNU PG 2.0.12 but when I do
> some operation that requires a password I get a message like the
> following.

It was never clear to me from the ensuing thread whether or not you had gpg-agent running, if so, what command line options did you use, etc. It's also not clear to me if you installed a pinentry program of any kind.

If you still want help with this (as opposed to just using gpg 1 which I think would be a better option) you should probably post some more details about your setup.

Doug

--
Improve the effectiveness of your Internet presence with a domain name makeover! http://SupersetSolutions.com/

From dougb at dougbarton.us Wed Nov 18 01:13:25 2009
From: dougb at dougbarton.us (Doug Barton)
Date: Tue, 17 Nov 2009 16:13:25 -0800
Subject: Trust reference
In-Reply-To: <4AFEFAE4.5060107@binaryredneck.net>
References: <4AFEFAE4.5060107@binaryredneck.net>
Message-ID: <4B033C25.9060705@dougbarton.us>

Susan Stewart wrote:
> Greetings,
>
> I'm filing a bug for my IM client (Gajim) because it currently only
> allows sending of encrypted and/or signed presence or messages to
> contacts whose keys I trust ultimately (trust level 5). The
> documentation at http://gnupg.org/gph/en/manual.html#AEN346 appears out
> of date, as it does not mention level 5 (ultimate trust) at all.

Not sure what your requirements are, but if you're looking for reliable encrypted communication you might want to consider a combination of pidgin and pidgin-OTR (http://www.cypherpunks.ca/otr/). It works well, is pretty easy to set up, and has the added benefit of being enabled by default in adium.

hth,

Doug

--
Improve the effectiveness of your Internet presence with a domain name makeover! http://SupersetSolutions.com/

From JPClizbe at tx.rr.com Wed Nov 18 00:29:07 2009
From: JPClizbe at tx.rr.com (John Clizbe)
Date: Tue, 17 Nov 2009 17:29:07 -0600
Subject: Problem with the agent, gpg2
In-Reply-To:
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> <4B01B9D1.1010800@mac.com>
Message-ID: <4B0331C3.2060704@tx.rr.com>

Mario Castelán Castro wrote:
> November 17th for gnupg-users at gnupg.org
>
> I need GNU PG 2 because I want to get out of the 1024 bits limit and
> SHA forced for DSA, I want my next key (2010-2012) to be more secure
> and accept some SHA2.

GnuPG 2.0 is not needed for DSA > 1024

GnuPG 1.4.x has supported DSA2 for some time, since 1.4.4 (2006-06-25). See "--enable-dsa2" in the manual for more information.

> Charly Avital: Please note that Linux is a kernel commonly mixed with
> the GNU Operating System, a correct name for that mix is GNU/Linux,
> but only "Linux" is not correct.

Ahh, the Naming Controversy Holy War[0]. Some of us oldsters were using "Linux" back when RMS & others were still trying to get the Hurd kernel up, running and into active use[1]. The controversy even has its own fairly good-sized Wikipedia page[2].

I like the closing remark on the Wikipedia page:

    Many users and vendors who prefer the name "Linux" point to the inclusion of non-GNU, non-kernel tools such as the Apache HTTP Server, the X Window System or the K Desktop Environment in end-user operating systems based on the Linux kernel. As stated by Jim Gettys, originator of X:

    "There are lots of people on this bus; I don't hear a clamor of support that GNU is more essential than many of the other components; can't take a wheel away, and end up with a functional vehicle, or an engine, or the seats. I recommend you be happy we have a bus."

The distros I use most often are 'Slackware Linux' and 'Red Hat Enterprise Linux', no 'Gnu' there and no amount of fervent pedantry is likely to get it inserted.

You are free to call it GNU/Linux if you wish. Likewise, others are free to just call it "Slackware" or "Redhat" or "SuSE" so long as it's clear and unambiguous. No one is likely to get total agreement over "The One True Name" of the operating system. See final paragraph of [3].

> In advance thanks for your understanding.

And yours ;-)

[0] http://www.catb.org/jargon/html/H/holy-wars.html
[1] http://en.wikipedia.org/wiki/GNU_Hurd#Development_history
[2] http://en.wikipedia.org/wiki/GNU/Linux_naming_controversy
[3] http://www.catb.org/jargon/html/L/Linux.html

--
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net
or mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From melikamp at melikamp.com Wed Nov 18 02:06:51 2009
From: melikamp at melikamp.com (Melikamp T. Medley)
Date: Tue, 17 Nov 2009 20:06:51 -0500
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4B0313AB.70807@sixdemonbag.org>
References: <4B02C6BD.4010000@melikamp.com> <4B0313AB.70807@sixdemonbag.org>
Message-ID: <4B0348AB.5000905@melikamp.com>

Thank you, Robert.

OK so I looked it up and I think what I want is called "deniable encryption". I was just hoping that people here would recommend some FOSS tool to deniably encrypt individual files. If there is no such tool, I am just going to write one. The rest of this message describes the kind of "deniable encryption" that I want.

The tool should meet these practical goals:

(0) FOSS license

(1) Can encrypt individual files

(3) Can add salt (like a passphrase)

(2) Deniable encryption: Given a file A with random data and a ciphertext B (cleartext is unknown), it should be impossible to guess which is which more than half the time.

(3) Deniability is robust: Given a file A with random data and a ciphertext B (cleartext is *known*), it should be infeasible to prove with certainty much above 0.5 that B is the ciphertext. This implies that obtaining the passphrase is impractical and actually feels like a much stronger property.

I know a bit about information theory, and it seems to me that there is at least one elementary way to encrypt a file in a way that is "undetectable". One can xor the cleartext by a large pad. Decrypting requires the same pad: anything else will produce garbage. Almost every ciphertext looks like random data. The downside is that (partially) knowing the cleartext would allow one to reconstruct the pad, and hence other ciphertext constructed with the same pad would be compromised.

A more advanced way to achieve the same goal is to take a passphrase and to use it to construct a ciphertext. The hardest part, as far as I understand, is in showing that it is infeasible to reconstruct the passphrase, even when one has cleartext-ciphertext pairs, and that is where the math becomes very useful.

But enough of me rambling. Thank you all in advance :)

> There are a lot of qualifiers on the "no, not really." A lot of Ph.D.
> theses have been written on this subject: it ties into some really deep
> areas of theoretical computer science. If you want to learn more about
> the qualifiers, I'd suggest reading up on algorithmic randomness and
> Kolmogorov-Chaitin complexity. It won't be easy reading, but speaking
> personally, I find this stuff fascinating.

From rjh at sixdemonbag.org Wed Nov 18 02:53:57 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 17 Nov 2009 20:53:57 -0500
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4B0348AB.5000905@melikamp.com>
References: <4B02C6BD.4010000@melikamp.com> <4B0313AB.70807@sixdemonbag.org> <4B0348AB.5000905@melikamp.com>
Message-ID: <4B0353B5.9090507@sixdemonbag.org>

Melikamp T. Medley wrote:
> OK so I looked it up and I think what I want is called "deniable
> encryption".

What you've described here isn't deniable encryption, not as I know it to be. This shouldn't be too surprising, given there are tons of things I don't know about. :)

> (3) Can add salt (like a passphrase)

Salting is something that's done to hash functions. Are you sure you mean that you want to add salt to a cipher?

> (2) Deniable encryption: Given a file A with random data and a
> ciphertext B (cleartext is unknown), it should be impossible to guess
> which is which more than half the time.

This will be supported by effectively any modern cipher, especially for small files. If you can distinguish ciphertext from random noise, that's usually considered to be a strong sign the cipher is weak.

(Note that I'm talking about modern symmetric ciphers. Asymmetric ciphers may very well be distinguishable. I *think* they are, but I can't summon up a reference now for the life of me -- take this as unsubstantiated speculation.)

> (3) Deniability is robust: Given a file A with random data and a
> ciphertext B (cleartext is *known*), it should be infeasible to prove
> with certainty much above 0.5 that B is the ciphertext. This implies
> that obtaining the passphrase is impractical and actually feels like
> a much stronger property.

See above remarks: this is a fairly basic test for symmetric ciphers.

Note that I'm talking only about pure cipher algorithms. Once you add headers, magic numbers and so on -- all of which OpenPGP does, as will many other crypto applications -- then both #s 2 and 3 fail.
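An added example (my own Python, not code from this thread or from GnuPG) of the header check Robert gives in his first reply and of the "headers, magic numbers and so on" point above: it parses the leading RFC 4880 packet header of a blob and reports whether it looks like `gpg -c` output (a Symmetric-Key Encrypted Session Key packet, whose cipher id is what gpg prints as "CAST5 encrypted data"), a public-key message (PKESK packet), ASCII-armored text, or none of these. All sample bytes are constructed here, not captured from a real file.

```python
# Added example: sniff the first RFC 4880 packet header of a blob.
# A match is only evidence, as David notes upthread: anyone can prepend
# these few header bytes to arbitrary data to fool a check like this.

ARMOR_PREFIX = b"-----BEGIN PGP MESSAGE-----"

# Symmetric cipher ids, RFC 4880 section 9.2 (subset)
CIPHER_NAMES = {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "Blowfish",
                7: "AES", 8: "AES192", 9: "AES256", 10: "Twofish"}

# Packet tags, RFC 4880 section 4.3 (subset)
TAG_NAMES = {1: "PKESK", 2: "Signature", 3: "SKESK", 4: "One-Pass Signature",
             5: "Secret-Key", 6: "Public-Key", 8: "Compressed Data",
             9: "Sym. Encrypted Data", 11: "Literal Data", 18: "SEIPD"}


def parse_packet_header(data):
    """Parse the packet header at data[0].

    Returns (tag, body_length, header_length); body_length is None for an
    indeterminate or partial length.  Returns None if the bytes cannot be an
    RFC 4880 packet header (bit 7 clear, reserved tag 0, or truncated)."""
    if not data or not data[0] & 0x80:
        return None
    first = data[0]
    if first & 0x40:                       # new-format header (section 4.2.2)
        tag = first & 0x3F
        if tag == 0 or len(data) < 2:
            return None
        b1 = data[1]
        if b1 < 192:                       # one-octet length
            return tag, b1, 2
        if b1 < 224:                       # two-octet length
            if len(data) < 3:
                return None
            return tag, ((b1 - 192) << 8) + data[2] + 192, 3
        if b1 == 255:                      # five-octet length
            if len(data) < 6:
                return None
            return tag, int.from_bytes(data[2:6], "big"), 6
        return tag, None, 2                # partial body length (224..254)
    tag = (first >> 2) & 0x0F              # old-format header (section 4.2.1)
    if tag == 0:
        return None
    ltype = first & 0x03
    if ltype == 3:
        return tag, None, 1                # indeterminate length
    nbytes = 1 << ltype                    # 1, 2 or 4 length octets
    if len(data) < 1 + nbytes:
        return None
    return tag, int.from_bytes(data[1:1 + nbytes], "big"), 1 + nbytes


def describe(data):
    """Best-effort classification of a blob by its first packet.

    kind is one of: 'armored', 'symmetric-encrypted', 'public-key-encrypted',
    'openpgp-other' or 'not-openpgp'."""
    if data.startswith(ARMOR_PREFIX):
        return {"kind": "armored"}
    hdr = parse_packet_header(data)
    if hdr is None:
        return {"kind": "not-openpgp"}
    tag, _length, hlen = hdr
    body = data[hlen:]
    if tag == 3 and len(body) >= 2 and body[0] == 4:
        # SKESK (gpg -c): version 4, symmetric cipher id, S2K specifier ...
        return {"kind": "symmetric-encrypted",
                "cipher": CIPHER_NAMES.get(body[1], "unknown(%d)" % body[1])}
    if tag == 1 and len(body) >= 10 and body[0] == 3:
        # PKESK: version 3, 8-octet key id, public-key algorithm id, MPIs
        return {"kind": "public-key-encrypted",
                "keyid": body[1:9].hex().upper()}
    if tag in TAG_NAMES:
        return {"kind": "openpgp-other", "packet": TAG_NAMES[tag]}
    return {"kind": "not-openpgp"}


# Constructed samples (not captured from a real run).  gpg -c output starts
# with an old-format SKESK: 0x8c = tag 3 with a one-octet length; body =
# version 4, CAST5 (3), iterated+salted S2K (3) with SHA-1 (2), salt, count.
SAMPLE_SYMMETRIC = (bytes.fromhex("8c0d 0403 0302 0011223344556677 60")
                    + b"\xd2\xe2" + b"\x00" * 16)
# Public-key message: 0x85 = tag 1 with a two-octet length; body = version 3,
# key id, RSA (1), then the MPI (zero-padded here).
SAMPLE_PUBKEY = bytes.fromhex("85010c 03 0123456789ABCDEF 01") + b"\x00" * 258
# Bytes that merely look random (constructed; first byte has bit 7 clear).
SAMPLE_RANDOM = bytes.fromhex("3fa9 17c2 5e80 d1f4 0b66 9a3d 7c21 e5b8")

if __name__ == "__main__":
    for name, blob in [("symmetric", SAMPLE_SYMMETRIC),
                       ("pubkey", SAMPLE_PUBKEY), ("random", SAMPLE_RANDOM)]:
        print(name, describe(blob))
```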
From mariocastelancastro at gmail.com Wed Nov 18 02:58:37 2009
From: mariocastelancastro at gmail.com (Mario Castelán Castro)
Date: Tue, 17 Nov 2009 19:58:37 -0600
Subject: Problem with the agent, gpg2
In-Reply-To: <4B0331C3.2060704@tx.rr.com>
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> <4B01B9D1.1010800@mac.com> <4B0331C3.2060704@tx.rr.com>
Message-ID:

November 17th for gnupg-users at gnupg.org

Thanks for the --enable-dsa2 tip.

Can someone tell me what line I should put in my gpg.conf?

BTW I also want to remove SHA1 from my key preferences. I understand that the standard requires supporting SHA1 but I do not want that. Maybe soon the computing power becomes cheap enough that SHA1 is in range.

PS: I will not lose my time repeating why GNU/Linux should be called "GNU/Linux"; it is already explained very well in http://www.gnu.org/gnu/gnu-linux-faq.html. It is pointless to discuss with obstinate people who do not admit their mistakes.

From mariocastelancastro at gmail.com Wed Nov 18 03:39:06 2009
From: mariocastelancastro at gmail.com (Mario Castelán Castro)
Date: Tue, 17 Nov 2009 20:39:06 -0600
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4B0353B5.9090507@sixdemonbag.org>
References: <4B02C6BD.4010000@melikamp.com> <4B0313AB.70807@sixdemonbag.org> <4B0348AB.5000905@melikamp.com> <4B0353B5.9090507@sixdemonbag.org>
Message-ID:

November 17th 2009 for gnupg-users at gnupg.org

Hi, I suggest searching for steganography, the science/art of hiding messages. I never used a program that does steganography, but search for one; there must be a lot of free (as in freedom) ones. LSB steganography is very easy to implement.

Remember that a lot of (what appears to be) random data is incriminatory and you will be forced to say the cipher and key used. Depending of the

From ml at mareichelt.de Tue Nov 17 22:24:24 2009
From: ml at mareichelt.de (markus reichelt)
Date: Tue, 17 Nov 2009 22:24:24 +0100
Subject: Problem with the agent, gpg2
In-Reply-To:
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> <4B01B9D1.1010800@mac.com>
Message-ID: <20091117212424.GA6241@tatooine.rebelbase.local>

* Mario Castelán Castro wrote:
> I need GNU PG 2 because I want to get out of the 1024 bits limit
> and SHA forced for DSA, I want my next key (2010-2012) to be more
> secure and accept some SHA2.

You don't need gpg2 for that.

--
left blank, right bald

From rjh at sixdemonbag.org Wed Nov 18 03:58:12 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 17 Nov 2009 21:58:12 -0500
Subject: Problem with the agent, gpg2
In-Reply-To:
References: <87ocn4s91p.fsf@Q6600-0.ver.megared.net.mx> <4B0028BA.9060701@mac.com> <4B01B9D1.1010800@mac.com> <4B0331C3.2060704@tx.rr.com>
Message-ID: <4B0362C4.60404@sixdemonbag.org>

Mario Castelán Castro wrote:
> Thanks for the --enable-dsa2 tip.
>
> Can someone tell me what line I should put in my gpg.conf?

enable-dsa2

> BTW I also want to remove SHA1 from my key preferences.

Can't be done. The OpenPGP standard requires that it be present. Even if you explicitly remove it, any OpenPGP-conformant application will silently add it to the end of your preference list.

From marcio.barbado at gmail.com Wed Nov 18 04:00:29 2009
From: marcio.barbado at gmail.com (M.B.Jr.)
Date: Wed, 18 Nov 2009 01:00:29 -0200
Subject: digital signature primary key and encryption subkey
Message-ID: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com>

Hi list,
one lame confusion I'm facing now.

I was reading GnuPG's "Signing Subkey Cross-Certification" page [1], and as a matter of fact, these two simple doubts did arise.

Suppose one provides the command:

gpg --gen-key

and chooses the default "DSA and Elgamal" option.

1st doubt:
DSA will be the basis for the primary key and Elgamal, the basis for the encryption subkey, is this assertion correct?

if so, 2nd doubt is:
both my public and private keys will be built upon my DSA primary key and my Elgamal encryption subkey?

That's all.

Regards,

Marcio Barbado, Jr.

[1] http://www.gnupg.org/faq/subkey-cross-certify.en.html

From dshaw at jabberwocky.com Wed Nov 18 04:21:57 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue, 17 Nov 2009 22:21:57 -0500
Subject: digital signature primary key and encryption subkey
In-Reply-To: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com>
References: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com>
Message-ID: <28EF1216-2581-44D5-A527-AD8D195EC00F@jabberwocky.com>

On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
> Hi list,
> one lame confusion I'm facing now.
>
> I was reading GnuPG's "Signing Subkey Cross-Certification" page [1],
> and as a matter of fact, these two simple doubts did arise.
>
> Suppose one provides the command:
>
> gpg --gen-key
>
> and chooses the default "DSA and Elgamal" option.

Note that the default is "RSA and RSA" now, but "DSA and Elgamal" are still available.

> 1st doubt:
> DSA will be the basis for the primary key and Elgamal, the basis for
> the encryption subkey, is this assertion correct?

Yes.

> if so, 2nd doubt is:
> both my public and private keys will be built upon my DSA primary key
> and my Elgamal encryption subkey?

I'm afraid I don't really understand what you are asking. Your primary key (DSA) has a public and private part, and uses the DSA algorithm. Your subkey (Elgamal) has a public and private part, and uses the Elgamal algorithm. Your subkey is signed by your primary key to indicate that they belong together.

David

From laurent.jumet at skynet.be Wed Nov 18 12:56:46 2009
From: laurent.jumet at skynet.be (Laurent Jumet)
Date: Wed, 18 Nov 2009 12:56:46 +0100
Subject: SmartCard...
Message-ID:

Hello !

I'm trying for the first time GPG with a SmartCard (chip card) and it doesn't work even though the device is recognized.
I'm trying with my ID card and with my bank card, but neither works.
I get this message:

=== Begin Windows Clipboard ===
gpg: detected reader `ACS CCID USB Reader 0'
Please insert the card and hit return or enter 'c' to cancel:
Please insert the card and hit return or enter 'c' to cancel:
Please insert the card and hit return or enter 'c' to cancel: c
gpg: selecting openpgp failed: general error
gpg: OpenPGP card not available: general error
=== End Windows Clipboard ===

Could someone give me some explanation of what features I could expect from GPG, given that those smartcards haven't been created with GPG itself?

--
Laurent Jumet
KeyID: 0xCFAF704C

From nils.faerber at kernelconcepts.de Wed Nov 18 13:13:42 2009
From: nils.faerber at kernelconcepts.de (Nils Faerber)
Date: Wed, 18 Nov 2009 13:13:42 +0100
Subject: SmartCard...
In-Reply-To:
References:
Message-ID: <4B03E4F6.9060402@kernelconcepts.de>

Laurent Jumet wrote:
> Hello !

Hi!

> I'm trying for the first time GPG with a SmartCard (chip card) and it doesn't work even though the device is recognized.
> I'm trying with my ID card and with my bank card, but neither works.
> I get this message:
>
> === Begin Windows Clipboard ===
> gpg: detected reader `ACS CCID USB Reader 0'
> Please insert the card and hit return or enter 'c' to cancel:
> Please insert the card and hit return or enter 'c' to cancel:
> Please insert the card and hit return or enter 'c' to cancel: c
> gpg: selecting openpgp failed: general error
> gpg: OpenPGP card not available: general error
> === End Windows Clipboard ===
>
> Could someone give me some explanation of what features I could expect from GPG, given that those smartcards haven't been created with GPG itself?

Errr... you need the OpenPGP smart card to use it with GnuPG as a key-storing smart card. This does not work with just any card ;)

Cheers
  nils

--
kernel concepts GbR           Tel: +49-271-771091-12
Sieghuetter Hauptweg 48       Fax: +49-271-771091-19
D-57072 Siegen                Mob: +49-176-21024535
http://www.kernelconcepts.de

From marcio.barbado at gmail.com Wed Nov 18 14:49:07 2009
From: marcio.barbado at gmail.com (M.B.Jr.)
Date: Wed, 18 Nov 2009 11:49:07 -0200
Subject: digital signature primary key and encryption subkey
In-Reply-To: <28EF1216-2581-44D5-A527-AD8D195EC00F@jabberwocky.com>
References: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com> <28EF1216-2581-44D5-A527-AD8D195EC00F@jabberwocky.com>
Message-ID: <2df3b0cb0911180549h2ff4afd4p7a2e0f10193bf67c@mail.gmail.com>

Hi David,

On Wed, Nov 18, 2009 at 1:21 AM, David Shaw wrote:
> On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
>
>> both my public and private keys will be built upon my DSA primary key
>> and my Elgamal encryption subkey?
>
> I'm afraid I don't really understand what you are asking. Your primary key
> (DSA) has a public and private part, and uses the DSA algorithm. Your
> subkey (Elgamal) has a public and private part, and uses the Elgamal
> algorithm. Your subkey is signed by your primary key to indicate that they
> belong together.

Your answer certainly covered more than I expected. Thank you.

So, public parts (from my primary key and my subkey) formed my public key and the same goes for the private parts and my private key. Is that correct?

Marcio Barbado, Jr.

From dshaw at jabberwocky.com Wed Nov 18 15:38:24 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed, 18 Nov 2009 09:38:24 -0500
Subject: digital signature primary key and encryption subkey
In-Reply-To: <2df3b0cb0911180549h2ff4afd4p7a2e0f10193bf67c@mail.gmail.com>
References: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com> <28EF1216-2581-44D5-A527-AD8D195EC00F@jabberwocky.com> <2df3b0cb0911180549h2ff4afd4p7a2e0f10193bf67c@mail.gmail.com>

On Nov 18, 2009, at 8:49 AM, M.B.Jr. wrote:

> Hi David,
>
> On Wed, Nov 18, 2009 at 1:21 AM, David Shaw wrote:
>> On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
>>
>>> both my public and private keys will be built upon my DSA primary key
>>> and my Elgamal encryption subkey?
>>
>> I'm afraid I don't really understand what you are asking. Your primary key
>> (DSA) has a public and private part, and uses the DSA algorithm. Your
>> subkey (Elgamal) has a public and private part, and uses the Elgamal
>> algorithm. Your subkey is signed by your primary key to indicate that they
>> belong together.
>
> Your answer certainly covered more than I expected. Thank you.
>
> So, public parts (from my primary key and my subkey) formed my public
> key and the same goes to the private parts and my private key. Is that
> correct?

Yes. "Public key" is frequently shorthand for a number of public keys stuck together with some OpenPGP glue, and the same is true for private keys.

David

From marcio.barbado at gmail.com Wed Nov 18 17:51:07 2009
From: marcio.barbado at gmail.com (M.B.Jr.)
Date: Wed, 18 Nov 2009 14:51:07 -0200
Subject: digital signature primary key and encryption subkey
References: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com> <28EF1216-2581-44D5-A527-AD8D195EC00F@jabberwocky.com> <2df3b0cb0911180549h2ff4afd4p7a2e0f10193bf67c@mail.gmail.com>
Message-ID: <2df3b0cb0911180851h64860a3cgc173377fade50ab7@mail.gmail.com>

Thanks again, David.

The last dumb question, I promise, would be: how can I see my primary key and my subkey as well?

On Wed, Nov 18, 2009 at 12:38 PM, David Shaw wrote:
> On Nov 18, 2009, at 8:49 AM, M.B.Jr. wrote:
>
>> Hi David,
>>
>> On Wed, Nov 18, 2009 at 1:21 AM, David Shaw wrote:
>>> On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
>>>
>>>> both my public and private keys will be built upon my DSA primary key
>>>> and my Elgamal encryption subkey?
>>>
>>> I'm afraid I don't really understand what you are asking. Your primary key
>>> (DSA) has a public and private part, and uses the DSA algorithm. Your
>>> subkey (Elgamal) has a public and private part, and uses the Elgamal
>>> algorithm. Your subkey is signed by your primary key to indicate that they
>>> belong together.
>>
>> Your answer certainly covered more than I expected. Thank you.
>>
>> So, public parts (from my primary key and my subkey) formed my public
>> key and the same goes to the private parts and my private key. Is that
>> correct?
>
> Yes. "Public key" is frequently shorthand for a number of public keys stuck together with some OpenPGP glue, and the same is true for private keys.
>
> David

Marcio Barbado, Jr.

From ml at mareichelt.de Wed Nov 18 20:32:36 2009
From: ml at mareichelt.de (markus reichelt)
Date: Wed, 18 Nov 2009 20:32:36 +0100
Subject: gpg: key generation failed: Card error
Message-ID: <20091118193236.GC6241@tatooine.rebelbase.local>

Hi,

I cannot create keys on my shiny new v2 smartcard. Personalizing the card works just fine, as does changing PINs. But when I want to generate new keys I always get this error message (after gpg asked about how long the key shall be valid):

gpg: key generation failed: Card error
Key generation failed: Card error

That's on a stock Slackware 13 system, gpg (GnuPG) 2.0.12, libgcrypt 1.4.4 with OMNIKEY CardMan 4040 v1.1.0gm5.

Any hints?

-- 
left blank, right bald

From John at Mozilla-Enigmail.org Wed Nov 18 22:20:42 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Wed, 18 Nov 2009 15:20:42 -0600
Subject: digital signature primary key and encryption subkey
In-Reply-To: <2df3b0cb0911180851h64860a3cgc173377fade50ab7@mail.gmail.com>
References: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com> <28EF1216-2581-44D5-A527-AD8D195EC00F@jabberwocky.com> <2df3b0cb0911180549h2ff4afd4p7a2e0f10193bf67c@mail.gmail.com> <2df3b0cb0911180851h64860a3cgc173377fade50ab7@mail.gmail.com>
Message-ID: <4B04652A.4080804@Mozilla-Enigmail.org>

M.B.Jr. wrote:
> Thanks again, David.
>
> The last dumb question, I promise, would be:

There aren't any dumb questions.

> how can I see my primary key and my subkey as well?

$ gpg --list-key 0x0x608d2a10
pub   1024D/608D2A10 2003-03-06
uid                  John P. Clizbe
uid                  [jpeg image of size 4563]
sub   2048g/EF4010D2 2003-03-06

608D2A10 is a 1024-bit DSA key. Subkey EF4010D2 is 2048-bit El Gamal.

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From jmoore3rd at bellsouth.net Thu Nov 19 01:34:43 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Wed, 18 Nov 2009 19:34:43 -0500
Subject: digital signature primary key and encryption subkey
In-Reply-To: <4B04652A.4080804@Mozilla-Enigmail.org>
References: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com> <28EF1216-2581-44D5-A527-AD8D195EC00F@jabberwocky.com> <2df3b0cb0911180549h2ff4afd4p7a2e0f10193bf67c@mail.gmail.com> <2df3b0cb0911180851h64860a3cgc173377fade50ab7@mail.gmail.com> <4B04652A.4080804@Mozilla-Enigmail.org>
Message-ID: <4B0492A3.9000604@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

John Clizbe wrote:
> M.B.Jr. wrote:
>> Thanks again, David.
>>
>> The last dumb question, I promise, would be:
>
> There aren't any dumb questions.

Yes, there are! They are the Questions that _were_never_ asked!

JOHN ;)
Timestamp: Wednesday 18 Nov 2009, 19:34 --500 (Eastern Standard Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page: http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJLBJKhAAoJEBCGy9eAtCsP3jcIAKOAy3S48Ngu+Ea+muRbr6Vl
ci/lWWJqH3OArDL0Y7baBvTzIoYzqsUCkLi9eJj5Xe9x5z2M0xm+yA0tt1SyPjHN
+eC/xdMNzVJA9QmVGteUgDdDjxisROqgZJGV81GsBdyc/KC7WP+O5F49zYl6fYb3
vRMqBVBtmZx0Obs50L5FbdCpcqXKR8MyKDZ36VZBWrt8TTm59FjauXhqn56s7E1m
VxeXItZCLmOmIpEoaEzH7TVds0g9GF0DfFG3An2fyaci0bGxNpkM15GFmkMTEPAb
Z9WzOdyCjr4GBEzBKCz6jxh4lFAE2/Ayh4hXezFWF31Pf8lbYR9ceIT14Moxtrg=
=eNLs
-----END PGP SIGNATURE-----

From rjh at sixdemonbag.org Thu Nov 19 02:34:14 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 18 Nov 2009 20:34:14 -0500
Subject: digital signature primary key and encryption subkey
In-Reply-To: <4B0492A3.9000604@bellsouth.net>
References: <2df3b0cb0911171900i27b8fda8s4205478258a28238@mail.gmail.com> <28EF1216-2581-44D5-A527-AD8D195EC00F@jabberwocky.com> <2df3b0cb0911180549h2ff4afd4p7a2e0f10193bf67c@mail.gmail.com> <2df3b0cb0911180851h64860a3cgc173377fade50ab7@mail.gmail.com> <4B04652A.4080804@Mozilla-Enigmail.org> <4B0492A3.9000604@bellsouth.net>
Message-ID: <4B04A096.8090307@sixdemonbag.org>

John W. Moore III wrote:
> Yes, there are! They are the Questions that _were_never_ asked!

Japanese: ??????????????????

English: "If you ask, you'll feel stupid for a minute. If you don't, you'll be stupid forever."

(The translation is pretty far from literal.)

From gnupg at westhaeuser.de Thu Nov 19 14:42:10 2009
From: gnupg at westhaeuser.de (Helmut)
Date: Thu, 19 Nov 2009 14:42:10 +0100
Subject: Problems generating keys on OpenPGP SmartCard V2
Message-ID: <20091119144210.6146752s26mv7qya@mail.your-server.de>

Hi there,

I'm new to the list and actually trying to get my Smartcard working for encryption, using the Shell Token V2 from gemalto. If I try to generate a key or to change the password of the card, I get errors (see debug below).

I bought an OpenPGP SmartCard V2 from kernel concepts and have a card reader from gemalto (should be the "USB Shell Token V2", shown as `Gemplus USB Key Smart Card Reader 0'). I tried on Ubuntu 9.10, Windows XP and Windows 2000, every time with the latest GnuPG version. I also tried an ORGA USB Card Reader Eco 5000 (shown as "OMNIKEY CardMan 3x21 0") and a PCMCIA Smartcardreader from chipdrive (shown as `SCM Microsystems Inc. SCR24x PCMCIA Smart Card Reader 0'). I always get the same error.

The following log was produced on W2k on two different computers, GnuPG version 1.4.9 and latest driver versions for the different readers:

--------------------------------------------------------------------------------------------
Application ID ...: XXX....XXX
Version ..........: 2.0
Manufacturer .....: unknown
Serial number ....: 00000085
Name of cardholder: Helmut Westhaeuser
Language prefs ...: de
Sex ..............: männlich
URL of public key : [nicht gesetzt]
Login data .......: [nicht gesetzt]
Signature PIN ....: zwingend
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

Befehl> generate
gpg: DBG: send apdu: c=00 i=CA p0=00 p1=C4 lc=-1 le=256
gpg: DBG: PCSC_data: 00 CA 00 C4 00
gpg: DBG: response: sw=9000 datalen=7
gpg: DBG: dump: 00 20 20 20 03 00 03
Sicherung des Verschlüsselungsschlüssel außerhalb der Karte erstellen? (J/n)
gpg: DBG: send apdu: c=00 i=DA p0=00 p1=C4 lc=1 le=-1
gpg: DBG: PCSC_data: 00 DA 00 C4 01 01
gpg: DBG: response: sw=9000 datalen=0
gpg: DBG: dump:
Bitte wählen Sie, wie lange der Schlüssel gültig bleiben soll.
         0 = Schlüssel verfällt nie
      <n>  = Schlüssel verfällt nach n Tagen
      <n>w = Schlüssel verfällt nach n Wochen
      <n>m = Schlüssel verfällt nach n Monaten
      <n>y = Schlüssel verfällt nach n Jahren
Wie lange bleibt der Schlüssel gültig? (0) 0
Schlüssel verfällt nie
Ist dies richtig? (j/N) j

Sie benötigen eine User-ID, um Ihren Schlüssel eindeutig zu machen; das Programm baut diese User-ID aus Ihrem echten Namen, einem Kommentar und Ihrer Email-Adresse in dieser Form auf:
    "Heinrich Heine (Der Dichter) "

Ihr Name ("Vorname Nachname"): Test5
Email-Adresse: test at test.de
Kommentar:
Sie haben diese User-ID gewählt:
    "Test5 "

Ändern: (N)ame, (K)ommentar, (E)-Mail oder (F)ertig/(B)eenden? f
gpg: DBG: send apdu: c=00 i=CA p0=00 p1=6E lc=-1 le=256
gpg: DBG: PCSC_data: 00 CA 00 6E 00
gpg: DBG: response: sw=9000 datalen=217
gpg: DBG: dump: 4F 10 D2 76 00 01 24 01 02 00 00 05 00 00 00 85 00 00
                5F 52 0A 00 31 C5 73 C0 01 40 05 90 00
                73 81 B7
                C0 0A 7C 00 08 00 08 00 08 00 08 00
                C1 06 01 08 00 00 20 00
                C2 06 01 08 00 00 20 00
                C3 06 01 08 00 00 20 00
                C4 07 01 20 20 20 03 00 03
                C5 3C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                C6 3C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                CD 0C 00 00 00 00 00 00 00 00 00 00 00 00
gpg: neue Schlüssel werden erzeugt
gpg: Bitte warten, der Schlüssel wird erzeugt ...
gpg: DBG: send apdu: c=00 i=47 p0=80 p1=00 lc=2 le=256
gpg: DBG: PCSC_data: 00 47 80 00 02 B6 00 00
gpg: DBG: response: sw=6700 datalen=0
gpg: Schlüsselerzeugung fehlgeschlagen
gpg: key generation failed: Allgemeiner Fehler
Schlüsselerzeugung fehlgeschlagen: Allgemeiner Fehler
gpg: DBG: send apdu: c=00 i=DA p0=00 p1=C4 lc=1 le=-1
gpg: DBG: PCSC_data: 00 DA 00 C4 01 00
gpg: DBG: response: sw=9000 datalen=0
gpg: DBG: dump:

Befehl>

gpg --version
gpg (GnuPG) 1.4.9
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: D:/hwe/GnuPG
Unterstützte Verfahren:
Öff.Schlüssel: RSA, RSA-E, RSA-S, ELG-E, DSA
Verschlü.: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Komprimierung: nicht komprimiert, ZIP, ZLIB, BZIP2

gpg --change-pin
gpg: detected reader `OMNIKEY CardMan 3x21 0'
gpg: OpenPGP Karte Nr. XXXXXXXXXX....XXXXXXXX erkannt

1 - change PIN
2 - unblock PIN
3 - change Admin PIN
Q - quit

Ihre Auswahl? 1
PIN
Neue PIN
Neue PIN
Error changing the PIN: Ungültiges Argument (Argument not valid)

1 - change PIN
2 - unblock PIN
3 - change Admin PIN
Q - quit

Ihre Auswahl? q
--------------------------------------------------------------------------------------------

Help would be great, I didn't find anything on the web.

Thanx
helmut

From vedaal at hush.com Thu Nov 19 16:26:57 2009
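The `gpg: DBG:` lines in Helmut's trace can be read mechanically. What follows is an added example, not code from the thread or from GnuPG: it pairs each `send apdu` line with the `response` line that follows it, names the ISO 7816-4 instruction byte, and decodes the status word, so that in a long trace the one command the card rejected stands out (here GENERATE ASYMMETRIC KEY PAIR answered with SW 6700, "wrong length"). The sample lines are copied from the log above; the INS and status-word tables hold standard ISO 7816-4 meanings; the function names are mine.

```python
"""Decode the APDU trace lines that gpg 1.4 prints when card debugging is
enabled.  Added example; the sample lines are copied from the log above
and the INS / status-word tables are the ISO 7816-4 meanings."""
import re

# ISO 7816-4 instruction bytes the OpenPGP card application uses.
INS_NAMES = {
    0xA4: "SELECT FILE", 0x20: "VERIFY", 0x24: "CHANGE REFERENCE DATA",
    0x2C: "RESET RETRY COUNTER", 0x47: "GENERATE ASYMMETRIC KEY PAIR",
    0xCA: "GET DATA", 0xDA: "PUT DATA", 0x2A: "PERFORM SECURITY OPERATION",
    0x88: "INTERNAL AUTHENTICATE", 0xC0: "GET RESPONSE",
}
# ISO 7816-4 status words (SW1 SW2) a troubleshooter meets most often.
SW_MEANINGS = {
    0x9000: "success",
    0x6700: "wrong length (Lc/Le does not match what the card expects)",
    0x6982: "security status not satisfied (PIN not verified)",
    0x6983: "authentication method blocked (retry counter exhausted)",
    0x6A80: "incorrect parameters in the data field",
    0x6A88: "referenced data not found",
    0x6B00: "wrong parameters P1-P2",
    0x6D00: "instruction code not supported",
    0x6E00: "class not supported",
}

# gpg labels ISO P1/P2 as p0/p1 in this trace format.
SEND_RE = re.compile(r"send apdu: c=(\w\w) i=(\w\w) p0=(\w\w) p1=(\w\w) lc=(-?\d+) le=(-?\d+)")
RESP_RE = re.compile(r"response: sw=(\w{4}) datalen=(\d+)")


def describe_sw(sw):
    if sw in SW_MEANINGS:
        return SW_MEANINGS[sw]
    if (sw & 0xFFF0) == 0x63C0:                 # 63Cx: x retries remaining
        return "verification failed, %d tries left" % (sw & 0x0F)
    return "unknown status word"


def parse_apdu_trace(lines):
    """Pair each 'send apdu' line with the following 'response' line.

    Returns one dict per exchange: instruction name, P1/P2, Lc/Le, the
    status word, its meaning and an ok flag."""
    exchanges, pending = [], None
    for line in lines:
        m = SEND_RE.search(line)
        if m:
            cla, ins, p1, p2, lc, le = m.groups()
            pending = {"cla": int(cla, 16), "ins": int(ins, 16),
                       "ins_name": INS_NAMES.get(int(ins, 16), "unknown"),
                       "p1": int(p1, 16), "p2": int(p2, 16),
                       "lc": int(lc), "le": int(le)}
            continue
        m = RESP_RE.search(line)
        if m and pending is not None:
            sw = int(m.group(1), 16)
            pending.update(sw=sw, datalen=int(m.group(2)),
                           meaning=describe_sw(sw), ok=(sw == 0x9000))
            exchanges.append(pending)
            pending = None
    return exchanges


def first_failure(exchanges):
    """The first exchange the card did not answer with 9000, or None."""
    return next((e for e in exchanges if not e["ok"]), None)


# Sample input: lines copied from Helmut's trace above.
SAMPLE_TRACE = """\
gpg: DBG: send apdu: c=00 i=CA p0=00 p1=C4 lc=-1 le=256
gpg: DBG: PCSC_data: 00 CA 00 C4 00
gpg: DBG: response: sw=9000 datalen=7
gpg: DBG: dump: 00 20 20 20 03 00 03
gpg: DBG: send apdu: c=00 i=DA p0=00 p1=C4 lc=1 le=-1
gpg: DBG: PCSC_data: 00 DA 00 C4 01 01
gpg: DBG: response: sw=9000 datalen=0
gpg: DBG: send apdu: c=00 i=47 p0=80 p1=00 lc=2 le=256
gpg: DBG: PCSC_data: 00 47 80 00 02 B6 00 00
gpg: DBG: response: sw=6700 datalen=0
gpg: key generation failed: Allgemeiner Fehler
""".splitlines()

if __name__ == "__main__":
    for e in parse_apdu_trace(SAMPLE_TRACE):
        print("%-30s P1=%02X P2=%02X -> %04X %s"
              % (e["ins_name"], e["p1"], e["p2"], e["sw"], e["meaning"]))
```

The `PCSC_data` line shows the same command in wire order (CLA INS P1 P2 Lc data Le), which is the quickest way to confirm the decoder's field mapping. The decoder only states what the card answered, not why; the thread itself does not settle the cause of the 6700.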
From: vedaal at hush.com (vedaal at hush.com)
Date: Thu, 19 Nov 2009 10:26:57 -0500
Subject: Is it possible to decide what is a gpg file?
Message-ID: <20091119152657.345E12803F@smtp.hushmail.com>

There is no way (yet, ;-) ), to do what you want in gnupg, as a gnupg encrypted file will show that it was encrypted either symmetrically or to a key.

But, if you don't mind XOR-ing with a large pad, and you have a secure place to keep the pad, (not on the computer with the encrypted files), you can do something like the following:

[1] Encrypt whatever file you want using gnupg, and the options of --throw-keyids --armor

This will produce a ciphertext output of the encrypted file, with no information about the key it was encrypted to, except for the type (dh, rsa) and the size.

[2] Find, or write, a document equal to or greater than the size of the file in [1], and save it on your computer, and do not save the file in [1].

[3] Construct a pad that XOR's from the file in [2] to the file in [1].

[4] Save the pad securely somewhere else.

[5] If the pad is discovered, people will expect to use it to apply to a ciphertext and recover a plaintext, not the other way around, and you have no ciphertexts on your computer, and even if it were used correctly to recover the ciphertext, the plaintext still cannot be recovered without the key and passphrase.

BUT,

Only you know what your threat model is.

This will probably not be a good idea to use if your threat model includes dangerous determined adversaries who know the field.

vedaal

From mearns.b at gmail.com Thu Nov 19 17:03:06 2009
From: mearns.b at gmail.com (Brian Mearns)
Date: Thu, 19 Nov 2009 11:03:06 -0500
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4df3a1330911190802j5cb19672sa39b4d44c4bfd25b@mail.gmail.com>
References: <20091119152657.345E12803F@smtp.hushmail.com> <4df3a1330911190802j5cb19672sa39b4d44c4bfd25b@mail.gmail.com>
Message-ID: <4df3a1330911190803p41db09a8m963958e948b6eb5a@mail.gmail.com>

Sorry, sent to author instead of list again. Message below.

On Thu, Nov 19, 2009 at 11:02 AM, Brian Mearns wrote:
> On Thu, Nov 19, 2009 at 10:26 AM, vedaal at hush.com wrote:
>> There is no way (yet, ;-) ), to do what you want in gnupg, as a
>> gnupg encrypted file will show that it was encrypted either
>> symmetrically or to a key.
>>
>> But, if you don't mind XOR-ing with a large pad, and you have a
>> secure place to keep the pad, (not on the computer with the
>> encrypted files),
>> you can do something like the following:
>>
>> [1] Encrypt whatever file you want using gnupg, and the options of
>> --throw-keyids --armor
>>
>> This will produce a ciphertext output of the encrypted file, with
>> no information about the key it was encrypted to, except for the
>> type (dh, rsa) and the size.
>>
>> [2] Find, or write, a document equal to or greater, than the size
>> of the file in [1], and save it on your computer, and do not save
>> the file in [1].
>>
>> [3] Construct a pad that XOR's from the file in [2] to the file in
>> [1].
>>
>> [4] Save the pad securely somewhere else.
>>
>> [5] If the pad is discovered, people will expect to use it to apply
>> to a ciphertext and recover a plaintext, not the other way around,
>> and you have no ciphertexts on your computer, and even if it were
>> used correctly to recover the ciphertext, the plaintext still
>> cannot be recovered without the key and passphrase.
>>
>> BUT,
>>
>> Only you know what your threat model is.
>>
>> This will probably not be a good idea to use if your threat model
>> includes dangerous determined adversaries who know the field.
>>
>> vedaal
> [snip]
>
> I think you're very much over-complicating things. If you're going to
> go through all the trouble of creating a pad of equal length to your
> message, then just make it an OTP, XOR it with your message, and
> you're done. No need for gpg at all in that case, and no need for a
> cover document.
>
> If he wants to hide the fact that he has an encrypted document, that's
> a completely different matter and calls for steganography.
>
> -Brian
>
> --
> Feel free to contact me using PGP Encryption:
> Key Id: 0x3AA70848
> Available from: http://keys.gnupg.net

-- 
Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://keys.gnupg.net

From vedaal at hush.com Fri Nov 20 00:40:19 2009
From: vedaal at hush.com (vedaal at hush.com)
Date: Thu, 19 Nov 2009 18:40:19 -0500
Subject: Is it possible to decide what is a gpg file?
Message-ID: <20091119234019.5E18711803D@smtp.hushmail.com>

On Thu, 19 Nov 2009 11:02:35 -0500 Brian Mearns wrote:

> If he wants to hide the fact that he has an encrypted document,
> that's a completely different matter and calls for steganography.

That's what i thought that he wanted.

Unfortunately, steganography is very difficult to achieve. ;-((

Unlike cryptography, where the standard is that the encryption is secure, even when the algorithm is known and well studied, no such progress has been achieved (afaik) in steganography.

Stego relies mainly on creative obscurity. The Holy Grail of a zero-distortion stego carrier has not yet been found. The standard stego carriers (image files, audio, video files) have been well analyzed, and there is still detectable distortion in a carrier stego file when compared to a normal file of the same size and filetype.

Gnupg presents a great opportunity for use of text as a non-detectable distortion carrier in the advancement of steganography.

Extending the example i gave above, it can be tweaked to provide increased levels of deniability that approach acceptable levels of crypto security. (i.e. it should be just as difficult to prove that a file is steganographically hidden, as it would be to crack a 256 bit symmetric encryption algorithm.)

[1] Assuming a gnupg encrypted ciphertext of size 'k', and that there are more than 95 ordinary files greater than size 'k' on the computer that plausibly belong there. (for a concrete example that's easier to follow, assume the ciphertext has 400 lines)

[2] Pick any 40 such ordinary files of this size (and remember them ;-)) )

[3] Armor them using the --enarmor command to produce an armored text representation of the file.

[4] Select 10 lines from each of the 40 gpg enarmored files, and concatenate them to a 400 line text

[5] Make a pad to XOR from the text in [4], to the desired ciphertext.

[6] Save the pad securely somewhere else.

[7] Even if the pad is recovered, it cannot reasonably be proved that it XOR's to anything on the computer that would produce a ciphertext

n.b. This is just a rough draft of a consideration ;-)

What needs to be taken into account, is which parts of the gnupg ciphertext act as a 'plaintext' in showing that an encrypted file is present, and how to effectively increase the stego 'carrier space', to hide those lines.

Anyway, it might be an interesting area of steganography exploration ;-)

vedaal

From rjh at sixdemonbag.org Fri Nov 20 03:28:42 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 19 Nov 2009 21:28:42 -0500
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <20091119234019.5E18711803D@smtp.hushmail.com>
References: <20091119234019.5E18711803D@smtp.hushmail.com>
Message-ID: <4B05FEDA.7040204@sixdemonbag.org>

vedaal at hush.com wrote:
> Unlike cryptography, where the standard is that the encryption is
> secure, even when the algorithm is known and well studied, no such
> progress has been achieved (afaik) in steganography.

Pierre Moulin's got a whole sheaf of really good steganography papers, and yet most people I've met who advocate steganography have no idea who he is. This is kind of like meeting someone who says they're designing a cryptosystem, and they've never heard of Claude Shannon or read any of his papers.

Speaking generally, most people who develop cryptosystems don't bother to read the crypto literature, and most people who develop steganosystems don't bother to read the stegano literature. Kind of sad, really.

(Please do not misconstrue my remarks as applying to either the OpenPGP authors or the GnuPG developers.)

From mariocastelancastro at gmail.com Fri Nov 20 03:36:06 2009
From: mariocastelancastro at gmail.com (Mario Castelán Castro)
Date: Thu, 19 Nov 2009 20:36:06 -0600
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4B05FEDA.7040204@sixdemonbag.org>
References: <20091119234019.5E18711803D@smtp.hushmail.com> <4B05FEDA.7040204@sixdemonbag.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

November 19th 2009 for gnupg-users at gnupg.org

IMO steganography should be mixed with cryptography to be secure. As an example: the LSB in pictures (unless you have a professional camera) will be random (high entropy and not predictable). You can replace it with ciphertext (indistinguishable from random noise) and no one will notice the difference.

Of course, if instead of replacing the LSB with direct ciphertext you put in a GPG encrypted file, the magic numbers will prove that there is an encrypted message. It can't be decoded w/o the key, but you can be forced to give the key.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAksF/1IACgkQZ4DA0TLic4gcdwCeO4Pj4CNLNDfP3QmLbZFGT4nz
zJUAni/BqPbPJEEqJbOTg44EED5McgeK
=LFjl
-----END PGP SIGNATURE-----

Note: resent because the first wasn't sent to the mailing list.

From makrober at gmail.com Sat Nov 21 13:46:29 2009
From: makrober at gmail.com (makrober)
Date: Sat, 21 Nov 2009 12:46:29 +0000
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4B02DF88.5080003@melikamp.com>
References: <4B02C6BD.4010000@melikamp.com> <20091117162817.GN4347@bristol.st.com> <4B02DF88.5080003@melikamp.com>
Message-ID: <4B07E125.30807@gmail.com>

Melikamp T. Medley wrote:
> Thanks for your answers, David, Timo.
>
> A somewhat related question: is there a tool that is designed
> to produce "undetectable" encryption, i.e. something that is
> very plausibly random? I gather from your answers that gpg does
> not do that.

check out "Burp":
http://www.geodyssey.com/cryptography
and read this:
http://www.geodyssey.com/cryptography/burp.txt

MacRober

From classpath at arcor.de Sat Nov 21 16:11:03 2009
From: classpath at arcor.de (Morten Gulbrandsen)
Date: Sat, 21 Nov 2009 16:11:03 +0100
Subject: Is it possible to decide what is a gpg file?
In-Reply-To: <4B07E125.30807@gmail.com>
References: <4B02C6BD.4010000@melikamp.com> <20091117162817.GN4347@bristol.st.com> <4B02DF88.5080003@melikamp.com> <4B07E125.30807@gmail.com>
Message-ID: <4B080307.6070105@arcor.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

makrober wrote:
> Melikamp T. Medley wrote:
>> Thanks for your answers, David, Timo.
>>
>> A somewhat related question: is there a tool that is designed
>> to produce "undetectable" encryption, i.e. something that is
>> very plausibly random? I gather from your answers that gpg does
>> not do that.
> check out "Burp":
> hyyp://www.geodyssey.com/cryptography
> and read this:
> http://www.geodyssey.com/cryptography/burp.txt
> MacRober
>

man openssl enc

OpenSSL supports BLOWFISH

SUPPORTED CIPHERS
  base64   Base 64
  bf-cbc   Blowfish in CBC mode
  bf       Alias for bf-cbc
  bf-cfb   Blowfish in CFB mode
  bf-ecb   Blowfish in ECB mode
  bf-ofb   Blowfish in OFB mode

openssl enc -e -base64 -in /tmp/tina.msg -out /tmp/file.b64
openssl enc -e -bf-cbc -in /tmp/tina.msg -out /tmp/file.b64
openssl enc -d -bf-cbc -in
openssl enc -d -bf-cbc -in MSWRD573.TMP
enter bf-cbc decryption password:
bad magic number

bash-3.00$ ./a.out -d MSWRD573.TMP hghg.txt
./a.out: file crypto, V:1.20 (http://www.geodyssey.com/)
enter key or pass-phrase=>########
re-enter (to confirm)=>########
Decrypting from MSWRD573.TMP to hghg.txt
./a done, 1024 characters/bytes decrypted
bash-3.00$

BLURB works on the fly, but at least my instance of openssl with blowfish in cbc cipher block chaining mode did not decrypt the blurb output.

Hence from what I can see, blurb introduces something fundamentally new, which cannot be achieved with openssl or gnuPG.

I tried to encrypt twice, with the same passphrase, which should be the same as the ciphertext. And opened the output in ghex2.

blurb does the trick.

If you want to encrypt or decrypt a msg to yourself or someone able to run blurb, then it is a good bet.

If OpenSSL supports blowfish, why is it incompatible with blurb?

Sincerely yours,

Morten Gulbrandsen

_____________________________________________________________________
Java programmer, C++ programmer
CAcert Assurer, GSWoT introducer, thawte Notary
Gossamer Spider Web of Trust http://www.gswot.org
Please consider the environment before printing this e-mail!

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (SunOS)
Comment: For keyID and its URL see the OpenPGP message header

iEYEAREIAAYFAksIAwcACgkQ9ymv2YGAKVRKsQCgx6TnhsKsvGIlySo2cr7ubkXA
jOgAoJZPr9s+CPnbadO28iAJY9dnS7MR
=9fjk
-----END PGP SIGNATURE-----

From ratzip at 163.com Sat Nov 21 19:48:46 2009
From: ratzip at 163.com (ratzip)
Date: Sun, 22 Nov 2009 02:48:46 +0800 (CST)
Subject: How to check the trust level
Message-ID: <13752369.196421258829326990.JavaMail.coremail@bj163app54.163.com>

Hi, guys

If someone has signed my key and set the trust level on my key, how could I check the trust level he set?
Which commands should I use?

From ml at mareichelt.de Sat Nov 21 21:13:23 2009
From: ml at mareichelt.de (markus reichelt)
Date: Sat, 21 Nov 2009 21:13:23 +0100
Subject: gpg: key generation failed: Card error
In-Reply-To: <20091118193236.GC6241@tatooine.rebelbase.local>
References: <20091118193236.GC6241@tatooine.rebelbase.local>
Message-ID: <20091121201323.GH13266@tatooine.rebelbase.local>

* markus reichelt wrote:

> gpg: key generation failed: Card error
> Key generation failed: Card error
>
> That's on a stock Slackware 13 system, gpg (GnuPG) 2.0.12,
> libgcrypt 1.4.4 with OMNIKEY CardMan 4040 v1.1.0gm5.

Okay, after much cursing omnikey I finally was successful in creating keys on the smartcard using the SCR3310 smartcard reader. Someone suggested updating to current gpg2 (2.0.13), that was the key to it all.

Strangely the crappy omnicard reader has no problems at all reading keys stored on the card. Still, I cannot recommend omnikey at all.

One question popped up in my mind on several occasions: V2 smartcards supposedly cannot be bricked. So, how is the reset done exactly?

-- 
left blank, right bald

From dshaw at jabberwocky.com Sat Nov 21 23:22:42 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 21 Nov 2009 17:22:42 -0500
Subject: How to check the trust level
In-Reply-To: <13752369.196421258829326990.JavaMail.coremail@bj163app54.163.com>
References: <13752369.196421258829326990.JavaMail.coremail@bj163app54.163.com>

On Nov 21, 2009, at 1:48 PM, ratzip wrote:

> HI,guys
> If some one has signed my key and set the trust level on my key, how
> could I check the trust level he set?
> which commands should I use?

It depends on what you mean by "trust level". If you mean the ownertrust, then you can't - that's personal to him and is not visible outside of his machine.

If you mean the signature verification level, then it is visible in the --list-sigs output - 3 for "positive" verification, 2 for "casual" verification, and 1 for "persona" (aka didn't check) verification. If none of these numbers appear, it's a "generic" verification.

David

From dkg at fifthhorseman.net Sat Nov 21 23:47:13 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Sat, 21 Nov 2009 17:47:13 -0500
Subject: How to check the trust level
In-Reply-To: <13752369.196421258829326990.JavaMail.coremail@bj163app54.163.com>
References: <13752369.196421258829326990.JavaMail.coremail@bj163app54.163.com>
Message-ID: <4B086DF1.7080305@fifthhorseman.net>

On 11/21/2009 01:48 PM, ratzip wrote:
> If some one has signed my key and set the trust level
> on my key, how could I check the trust level he set?
> which commands should I use?

For the typical way that GPG manages ownertrust, that information is not published (or publishable) at all.

In the unlikely event that your contact has made a Trust Signature (tsig) [0] (and did not mark it as non-exportable) then the signature could be found on public keyservers, and viewed in gpg with gpg --list-sigs. A trust signature will have a number immediately to the left of the key ID indicating the depth of the indicated trust.

If your key is DEADBEEF, and the other person is DECAFBAD, and they indicated a depth=1 trustsig it would look like this:

test at foo:~ $ gpg --list-keys DEADBEEF
pub   4096R/DEADBEEF 2008-06-02 [expires: 2012-06-02]
sig 3    DEADBEEF 2008-06-02  Me Me Me!
sig   1  DECAFBAD 2009-02-20  That other guy

Note that the column with the "3" in it shows the strength of the certification, as David Shaw mentioned -- your self-signature is normally certified strongly, as in "i have done very careful checking".

The column with the "1" in it is the trust depth. In this case, it says "i believe in the certifications made by this key, but i'm not willing to accept tsigs made by this keyholder."

If you want even more details about the trust sig, you could feed your key through "gpg --list-packets" like this:

gpg --export DEADBEEF | gpg --list-packets

You should be aware that very few people use trust signatures to indicate ownertrust with gpg. Most people use the privately-held, simpler trust designation.

Also, using a trustsig leaks additional information to the general public that simple certification does not include. Namely, it indicates a statement of belief in someone's ability to make proper certifications (and avoid improper ones), in addition to a statement of belief that the identity of the keyholder is correctly stated.

--dkg

PS this entire message refers to ownertrust. As David Shaw has already mentioned, this concept is entirely different from the concept of calculated validity, or strength of identity certification.

[0] http://tools.ietf.org/html/rfc4880#section-5.2.3.13

From ml at mareichelt.de Sun Nov 22 00:47:36 2009
From: ml at mareichelt.de (markus reichelt)
Date: Sun, 22 Nov 2009 00:47:36 +0100
Subject: How to check the trust level
References: <13752369.196421258829326990.JavaMail.coremail@bj163app54.163.com>
Message-ID: <20091121234736.GI13266@tatooine.rebelbase.local>

* David Shaw wrote:

> If you mean the signature verification level, then it is visible in
> the --list-sigs output - 3 for "positive" verification, 2 for
> "casual" verification, and 1 for "persona" (aka didn't check)
> verification. If none of these numbers appear, it's a "generic"
> verification.

(Just to contribute to the confusion:)

That's according to the spec, but there are quite a few people out there who do not honour the spec (for whatever reasons - not relevant here) and have their own definition of sig levels (usually published in their signing policy).

To sum it up, these days levels 0,2,3 are fine. 1s are a bit strange and quite rare - I'd inquire about that kinda sig level.

-- 
left blank, right bald

From dshaw at jabberwocky.com Sun Nov 22 03:07:59 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 21 Nov 2009 21:07:59 -0500
Subject: How to check the trust level
In-Reply-To: <20091121234736.GI13266@tatooine.rebelbase.local>
References: <13752369.196421258829326990.JavaMail.coremail@bj163app54.163.com> <20091121234736.GI13266@tatooine.rebelbase.local>
Message-ID:

On Nov 21, 2009, at 6:47 PM, markus reichelt wrote:

> * David Shaw wrote:
>
>> If you mean the signature verification level, then it is visible in the --list-sigs output - 3 for "positive" verification, 2 for "casual" verification, and 1 for "persona" (aka didn't check) verification. If none of these numbers appear, it's a "generic" verification.
>
> (Just to contribute to the confusion:)
>
> That's according to the spec, but there are quite a few people out there who do not honour the spec (for whatever reasons - not relevant here) and have their own definition of sig levels (usually published in their signing policy).

The spec disclaims any knowledge of the levels and leaves it up to the individual person to decide within some (very rough) guidelines. This is both a good and bad thing :) It's very possible that Alice's "casual" is stronger than Baker's "positive".

> To sum it up, these days levels 0,2,3 are fine. 1s are a bit strange and quite rare - I'd inquire about that kinda sig level.

#1 is very rare, since it essentially means that someone didn't check at all. GPG actually ignores level 1 signatures by default, so that makes them even more rare - there is little point in making one since GPG won't even see it.

David

From dshaw at jabberwocky.com Sun Nov 22 03:26:37 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 21 Nov 2009 21:26:37 -0500
Subject: gpg: key generation failed: Card error
In-Reply-To: <20091121201323.GH13266@tatooine.rebelbase.local>
References: <20091118193236.GC6241@tatooine.rebelbase.local> <20091121201323.GH13266@tatooine.rebelbase.local>
Message-ID: <6A798665-50C2-4B4B-B9E1-B4CBB42E7F0A@jabberwocky.com>

On Nov 21, 2009, at 3:13 PM, markus reichelt wrote:

> * markus reichelt wrote:
>
>> gpg: key generation failed: Card error
>> Key generation failed: Card error
>>
>> That's on a stock Slackware 13 system, gpg (GnuPG) 2.0.12, libgcrypt 1.4.4 with OMNIKEY CardMan 4040 v1.1.0gm5.
>
> Okay, after much cursing omnikey I finally was successful in creating keys on the smartcard using the SCR3310 smartcard reader. Someone suggested updating to current gpg2 (2.0.13), that was the key to it all.
>
> Strangely the crappy omnicard reader has no problems at all reading keys stored on the card. Still, I cannot recommend omnikey at all.
>
> One question popped up in my mind on several occasions: V2 smartcards supposedly cannot be bricked. So, how is the reset done exactly?

Here are instructions:

http://lists.gnupg.org/pipermail/gnupg-users/2009-September/037413.html

David

From thomas-lists at nybeta.com Sun Nov 22 03:05:08 2009
From: thomas-lists at nybeta.com (Thomas Harold)
Date: Sat, 21 Nov 2009 21:05:08 -0500
Subject: GPA Clipboard encrypt dialog shows expired keys
Message-ID: <4B089C54.1@nybeta.com>

Should the GPA Clipboard tool be displaying expired encryption keys when you go to encrypt the buffer? There's no indication of expired status for the public keys listed in the "Encrypt documents" dialog. Seems like that dialog should either show you the "Expired" column or hide keys that are expired and can't be used to encrypt.

From faramir.cl at gmail.com Mon Nov 23 04:28:05 2009
From: faramir.cl at gmail.com (Faramir)
Date: Mon, 23 Nov 2009 00:28:05 -0300
Subject: avoid gnupg questions
In-Reply-To: <32233455.20091116143232@mail.ru>
References: <32233455.20091116143232@mail.ru>
Message-ID: <4B0A0145.70708@gmail.com>

The following message was sent to my spam folder, and since I never saw a reply to it, maybe it was sent to the spam folder for other members of the list too...

Best Regards

Michael Golubcov (mail.ru) wrote:
> Hello!
>
> Is there a way to get rid of any insignificant gnupg questions?
>
> I'm trying to encrypt automatically a file using a public key of another company. I use a command like this:
>
>     gpg -r some_user_ID -e some_file
>
> but gnupg asks me (and I understand what):
>
> "gpg: C098CB23: Es gibt keine Garantie, daß dieser Schlussel wirklich dem angegebenen Besitzer gehort.
>
> ...
>
> Es ist NICHT sicher, daß der Schlussel zu dem in der User-ID Genannten gehort. Wenn Sie *wirklich* wissen, was Sie tun, konnen Sie die nachste Frage mit ja beantworten
>
> Diesen Schlussel trotzdem benutzen? (j/N)"
>
> The public key I use for encryption is self-signed and I suppose this is the cause of that question. But I really can't do anything with this key.
>
> Could you help me, please? I wonder if you could show me a way to solve this problem.
>
> -------
> Looking for your reply,
> Michael Golubcov
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

From wk at gnupg.org Mon Nov 23 10:55:47 2009
From: wk at gnupg.org (Werner Koch)
Date: Mon, 23 Nov 2009 10:55:47 +0100
Subject: SmartCard...
In-Reply-To: <4B03E4F6.9060402@kernelconcepts.de> (Nils Faerber's message of "Wed, 18 Nov 2009 13:13:42 +0100")
References: <4B03E4F6.9060402@kernelconcepts.de>
Message-ID: <87k4xhsgyk.fsf@vigenere.g10code.de>

On Wed, 18 Nov 2009 13:13, nils.faerber at kernelconcepts.de said:

> Errr... you need the OpenPGP smart card to use it with GnuPG as a key-storing smart card. This does not work just with any card ;)

Actually the Belgian ID card will work with gpgsm and gpg-agent's Secure Shell support. The card needs to have the extra certificates of course (iirc, they are optional but can be loaded to a plain id card).

Shalom-Salam,

Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From anugrah.atreya at pb.com Fri Nov 20 07:08:19 2009
From: anugrah.atreya at pb.com (Anugrah Atreya)
Date: Fri, 20 Nov 2009 01:08:19 -0500
Subject: delete keys in batch mode
Message-ID: <06BF6B40DF074644BB73A857C48E74A462DBC2B2D4@PBI-NAMSG-03.MGDPBI.global.pvt>

I think this will be a great help:

http://explorecsharp.blogspot.com/2009/09/most-useful-gpg-commands-you-wont-find.html

Namaste (Greetings/Regards)
Anugrah Atreya

From rahul.raviz at gmail.com Mon Nov 23 13:17:29 2009
From: rahul.raviz at gmail.com (kuttuani)
Date: Mon, 23 Nov 2009 04:17:29 -0800 (PST)
Subject: GPG self signature missing error
Message-ID: <26477035.post@talk.nabble.com>

Hi All,

I have GNUPG versions 1.2 and 1.4 installed on two servers A and B respectively. I got a gpg key from a client; I imported it on Server B without any error messages and I am able to encrypt and decrypt data. But on server A I am getting many errors.

    /usr/local/bin/gpg --homedir /root/.gnupg --import client_name.pkr
    gpg: key DFEB876D: no valid user IDs
    gpg: this may be caused by a missing self-signature
    gpg: Total number processed: 1
    gpg: w/o user IDs: 1

Then I tried

    usr/local/bin/gpg --homedir /root/.gnupg --allow-non-selfsigned-uid --import client_name.pkr

This time it worked, but when I try to encrypt the data it is giving me an error:

    usr/local/bin/gpg --homedir /root/.gnupg --output a.txt.gpg "gpg_key" --encrypt a.txt
    gpg: missing self-signature

I don't know why it is behaving like this, because on B I have no such issues. Is this because of the version differences? Is there any other command to solve this error, or do I need to upgrade the gpg version on A? Please advise.

-- 
View this message in context: http://old.nabble.com/GPG-self-signature-missing-error-tp26477035p26477035.html
Sent from the GnuPG - User mailing list archive at Nabble.com.

From christoph.anton.mitterer at physik.uni-muenchen.de Mon Nov 23 13:25:00 2009
From: christoph.anton.mitterer at physik.uni-muenchen.de (Christoph Anton Mitterer)
Date: Mon, 23 Nov 2009 13:25:00 +0100
Subject: GPG self signature missing error
In-Reply-To: <26477035.post@talk.nabble.com>
References: <26477035.post@talk.nabble.com>
Message-ID: <1258979101.25619.1.camel@etppc03.garching.physik.uni-muenchen.de>

You simply should not use such a key (without signed UIDs), except if you really really know what you're doing.

The key is probably damaged, or it might even be an attack.

Cheers,
Chris.

From christoph.anton.mitterer at physik.uni-muenchen.de Mon Nov 23 13:33:07 2009
From: christoph.anton.mitterer at physik.uni-muenchen.de (Christoph Anton Mitterer)
Date: Mon, 23 Nov 2009 13:33:07 +0100
Subject: GPG self signature missing error
In-Reply-To:
References: <26477035.post@talk.nabble.com> <1258979101.25619.1.camel@etppc03.garching.physik.uni-muenchen.de>
Message-ID: <1258979587.25619.5.camel@etppc03.garching.physik.uni-muenchen.de>

On Mon, 2009-11-23 at 17:57 +0530, Rahul R wrote:
> then could you please explain why it is not giving me any error on server B that has a gpg version 1.4?

I'm not sure, but it's likely that the older version simply did not check for this.

Using a key with UIDs that are not signed by that key is dangerous, as anybody could have attached such a UID to the respective key.

I could for example take your public key, which has about the following layout:

    public key packet
    UID packet
    signature on the UID packet

...strip off the UID and signature packet and add my own (evil) UID. But I cannot forge the signature on the UID, well not easily at least ;)

Cheers,
Chris.

From rahul.raviz at gmail.com Mon Nov 23 13:27:43 2009
From: rahul.raviz at gmail.com (Rahul R)
Date: Mon, 23 Nov 2009 17:57:43 +0530
Subject: GPG self signature missing error
In-Reply-To: <1258979101.25619.1.camel@etppc03.garching.physik.uni-muenchen.de>
References: <26477035.post@talk.nabble.com> <1258979101.25619.1.camel@etppc03.garching.physik.uni-muenchen.de>
Message-ID:

Then could you please explain why it is not giving me any error on server B that has a gpg version 1.4?

2009/11/23 Christoph Anton Mitterer <christoph.anton.mitterer at physik.uni-muenchen.de>
> You simply should not use such a key (without signed UIDs), except if you really really know what you're doing.
> The key is probably damaged, or it might even be an attack.
>
> Cheers,
> Chris.

-- 
Thanks,
Regards,
Rahul R
Mob: 09008030921

From rahul.raviz at gmail.com Mon Nov 23 13:20:01 2009
From: rahul.raviz at gmail.com (Rahul R)
Date: Mon, 23 Nov 2009 17:50:01 +0530
Subject: GPG: Missing self signature Error
Message-ID:

Hi All,

I have GNUPG versions 1.2 and 1.4 installed on two servers A and B respectively. I got a gpg key from a client; I imported it on Server B without any error messages and I am able to encrypt and decrypt data. But on server A I am getting many errors.

    /usr/local/bin/gpg --homedir /root/.gnupg --import client_name.pkr
    gpg: key DFEB876D: no valid user IDs
    gpg: this may be caused by a missing self-signature
    gpg: Total number processed: 1
    gpg: w/o user IDs: 1

Then I tried

    usr/local/bin/gpg --homedir /root/.gnupg --allow-non-selfsigned-uid --import client_name.pkr

This time it worked, but when I try to encrypt the data it is giving me an error:

    usr/local/bin/gpg --homedir /root/.gnupg --output a.txt.gpg "gpg_key" --encrypt a.txt
    gpg: missing self-signature

I don't know why it is behaving like this, because on B I have no such issues. Is this because of the version differences? Is there any other command to solve this error, or do I need to upgrade the gpg version on A? Please advise.

From dkg at fifthhorseman.net Mon Nov 23 15:02:17 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 23 Nov 2009 09:02:17 -0500
Subject: GPG self signature missing error
In-Reply-To: <26477035.post@talk.nabble.com>
References: <26477035.post@talk.nabble.com>
Message-ID: <4B0A95E9.1080402@fifthhorseman.net>

On 11/23/2009 07:17 AM, kuttuani wrote:
> I have GNUPG versions 1.2 and 1.4 installed on two servers A and B respectively.
>
> I got a gpg key from a client, i imported it on Server B with out any error messages and I am able to encrypt and decrypt data.
>
> but on server A iam getting many errors.
>
> /usr/local/bin/gpg --homedir /root/.gnupg --import client_name.pkr
> gpg: key DFEB876D: no valid user IDs

This key is not available from the public keyserver network, so i can't see what its actual self-signatures look like. Is it possible that its only self-sigs were made by an algorithm unsupported by gpg 1.2? i'm not sure which algorithms were introduced between 1.2 and 1.4, but that would be useful information for this question.

--dkg

From roundyd at physics.oregonstate.edu Tue Nov 24 18:16:29 2009
From: roundyd at physics.oregonstate.edu (David Roundy)
Date: Tue, 24 Nov 2009 12:16:29 -0500
Subject: how to properly verify a signature from a program?
Message-ID: <117f2cc80911240916m4bed9bf6o5b15caff96e8955b@mail.gmail.com>

Hi all,

I've been searching and searching, and have failed to find any documentation or tutorial that indicates the proper way to verify a signature from a program. The problem is that I want not to verify that *anyone* signed a message, but rather to verify that *someone in particular* signed it. And that doesn't seem to be in the gpg interface, so far as I can find.

If a human is doing the verification, it's not so hard to first run verify, then read the output that indicates *who* signed it, but I'd really prefer to avoid trying to parse the output of gpg, as that seems to be a quick road to insecurity and fragility.

So far as I can tell, the process for a detached signature is something like:

    gpg --verify sigfile txtfile && echo signature passed

then look at the output (or stderr?) to find out who signed the file, and compare with who was supposed to sign the file. It is this last step that sounds problematic. Am I missing something?

I guess there is one other approach that I can see, which is to use a process such as

    gpg --export "User Name" > user-keyring
    gpg --no-default-keyring --keyring user-keyring --verify sigfile txtfile

Is this what I should be doing?

-- 
David Roundy

From roam at ringlet.net Wed Nov 25 12:44:35 2009
From: roam at ringlet.net (Peter Pentchev)
Date: Wed, 25 Nov 2009 13:44:35 +0200
Subject: how to properly verify a signature from a program?
In-Reply-To: <117f2cc80911240916m4bed9bf6o5b15caff96e8955b@mail.gmail.com>
References: <117f2cc80911240916m4bed9bf6o5b15caff96e8955b@mail.gmail.com>
Message-ID: <20091125114435.GA18006@straylight.m.ringlet.net>

On Tue, Nov 24, 2009 at 12:16:29PM -0500, David Roundy wrote:
> Hi all,
>
> I've been searching and searching, and have failed to find any documentation or tutorial that indicates the proper way to verify a signature from a program. The problem is that I want not to verify that *anyone* signed a message, but rather to verify that *someone in particular* signed it.
[snip]
> So far as I can tell, the process for a detached signature is something like:
>
> gpg --verify sigfile txtfile && echo signature passed
>
> then look at the output (or stderr?) to find out who signed the file, and compare with who was supposed to sign the file. It is this last step that sounds problematic. Am I missing something?

That's pretty much what you should do, with just one addition: add --status-fd=1 to the GnuPG command line. When you do that, gpg will output something like the following to file descriptor 1 (stdout):

    [GNUPG:] SIG_ID eLbkcOT0G/i0ugaTvtB5kkRMJc0 2009-11-25 1259148663
    [GNUPG:] GOODSIG 651EEFB02527DF13 Peter Pentchev
    [GNUPG:] VALIDSIG 2EE7A7A517FC124CF115C354651EEFB02527DF13 2009-11-25 1259148663 0 4 0 1 10 01 2EE7A7A517FC124CF115C354651EEFB02527DF13
    [GNUPG:] TRUST_ULTIMATE

Of course, the output *will* be different in your case, what with dates, key IDs and such :) Also, of course you can use a different value for the file descriptor (like 2 for stderr, but then this output will be mixed with the rest of GnuPG's freeform messages), just make sure your program can read what GnuPG writes to that fd :)

Hope that helps.
G'luck,
Peter

-- 
Peter Pentchev  roam at ringlet.net  roam at space.bg  roam at FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
I had to translate this sentence into English because I could not read the original Sanskrit.

From roam at ringlet.net Wed Nov 25 12:49:47 2009
From: roam at ringlet.net (Peter Pentchev)
Date: Wed, 25 Nov 2009 13:49:47 +0200
Subject: how to properly verify a signature from a program?
In-Reply-To: <20091125114435.GA18006@straylight.m.ringlet.net>
References: <117f2cc80911240916m4bed9bf6o5b15caff96e8955b@mail.gmail.com> <20091125114435.GA18006@straylight.m.ringlet.net>
Message-ID: <20091125114947.GB18006@straylight.m.ringlet.net>

On Wed, Nov 25, 2009 at 01:44:35PM +0200, Peter Pentchev wrote:
> On Tue, Nov 24, 2009 at 12:16:29PM -0500, David Roundy wrote:
> > Hi all,
> >
> > I've been searching and searching, and have failed to find any documentation or tutorial that indicates the proper way to verify a signature from a program. The problem is that I want not to verify that *anyone* signed a message, but rather to verify that *someone in particular* signed it.
> [snip]
> > So far as I can tell, the process for a detached signature is something like:
> >
> > gpg --verify sigfile txtfile && echo signature passed
> >
> > then look at the output (or stderr?) to find out who signed the file, and compare with who was supposed to sign the file. It is this last step that sounds problematic. Am I missing something?
>
> That's pretty much what you should do, with just one addition: add --status-fd=1 to the GnuPG command line.
[snip]

And then again, if you're writing in C, C++, or any language that can invoke routines in a shared library described in a C header file, there is also another way to do it - use the GPGME (GnuPG Made Easy) library. It provides functions that will verify a signature and return a list of signature structures, each of which will contain the fingerprint of the signing key.

G'luck,
Peter

-- 
Peter Pentchev  roam at ringlet.net  roam at space.bg  roam at FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
"yields falsehood, when appended to its quotation."
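Putting David's question and Peter's --status-fd advice together, here is an added example (not code from either poster) in Python: it parses the status lines Peter showed and accepts the data only when a VALIDSIG line names a pinned full fingerprint and no failure status appears, so the program never has to read gpg's free-form messages. The sample status text is constructed from the lines Peter posted; the run_gpg_verify helper's command line is an assumption and needs gpg on PATH.

```python
"""Check GnuPG --status-fd output for a signature by one specific, pinned key.

Added example, not code from the original thread. check_signature() works
offline on captured status text; only run_gpg_verify() needs gpg on PATH.
"""
import subprocess
from dataclasses import dataclass, field
from typing import List, Optional

STATUS_PREFIX = "[GNUPG:] "

# Status keywords that mean "do not trust this data", even if a VALIDSIG from
# some key also appears (multi-signature files, expired or revoked keys).
FAILURE_KEYWORDS = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NODATA"}


@dataclass
class VerifyResult:
    ok: bool
    matched_fingerprint: Optional[str] = None
    fingerprints_seen: List[str] = field(default_factory=list)
    reasons: List[str] = field(default_factory=list)


def normalize_fpr(fpr: str) -> str:
    """'2EE7 A7A5 ...' and '2ee7a7a5...' compare equal."""
    return fpr.replace(" ", "").upper()


def parse_status_lines(status_text: str):
    """Yield (keyword, args) for each '[GNUPG:] ...' line; skip free-form output."""
    for raw in status_text.splitlines():
        if not raw.startswith(STATUS_PREFIX):
            continue
        parts = raw[len(STATUS_PREFIX):].split()
        if parts:
            yield parts[0], parts[1:]


def check_signature(status_text: str, expected_fingerprint: str) -> VerifyResult:
    """Accept only if a VALIDSIG line names the pinned key and nothing failed.

    VALIDSIG args (gpg doc/DETAILS): <fpr> <sig_date> <sig_ts> <expire_ts>
    <version> <reserved> <pubkey_algo> <hash_algo> <sig_class> <primary_fpr>.
    The full fingerprint is compared, never the 64-bit key ID from GOODSIG.
    """
    expected = normalize_fpr(expected_fingerprint)
    result = VerifyResult(ok=False)
    for keyword, args in parse_status_lines(status_text):
        if keyword in FAILURE_KEYWORDS:
            result.reasons.append(f"{keyword} {' '.join(args)}".strip())
        elif keyword == "VALIDSIG" and len(args) >= 10:
            sig_fpr, primary_fpr = normalize_fpr(args[0]), normalize_fpr(args[9])
            result.fingerprints_seen.append(sig_fpr)
            # Accept a signature by the pinned primary key or one of its subkeys.
            if expected in (sig_fpr, primary_fpr):
                result.matched_fingerprint = sig_fpr
    if not result.fingerprints_seen:
        result.reasons.append("no VALIDSIG line: nothing was verified")
    result.ok = result.matched_fingerprint is not None and not result.reasons
    return result


def run_gpg_verify(sig_path: str, data_path: str, expected_fingerprint: str) -> VerifyResult:
    """Run gpg on a detached signature and pin the signer (assumed command line)."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, data_path],
        capture_output=True, text=True,
    )
    # The exit code alone only says "some signature was good", so ignore it
    # and decide from the status lines.
    return check_signature(proc.stdout, expected_fingerprint)


# Constructed sample: the status lines from Peter's post plus one free-form line.
SAMPLE_STATUS = """\
gpg: (a free-form message that is not a status line)
[GNUPG:] SIG_ID eLbkcOT0G/i0ugaTvtB5kkRMJc0 2009-11-25 1259148663
[GNUPG:] GOODSIG 651EEFB02527DF13 Peter Pentchev
[GNUPG:] VALIDSIG 2EE7A7A517FC124CF115C354651EEFB02527DF13 2009-11-25 1259148663 0 4 0 1 10 01 2EE7A7A517FC124CF115C354651EEFB02527DF13
[GNUPG:] TRUST_ULTIMATE
"""
PINNED = "2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13"

if __name__ == "__main__":
    print(check_signature(SAMPLE_STATUS, PINNED))
```

Note that the TRUST_* line is deliberately ignored: pinning the fingerprint replaces the web-of-trust decision for this use, so the check does not change if the key's ownertrust changes.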
yields falsehood, when appended to its quotation.

From brokenn at gmail.com Wed Nov 25 20:20:52 2009
From: brokenn at gmail.com (Brian O'Kennedy)
Date: Wed, 25 Nov 2009 19:20:52 +0000
Subject: Backup of private key
Message-ID:

Hi All,

This is a complete n00b question, but I still need to get an opinion on this.

I've created myself a public/private key and got a bit concerned that if my harddrive fails, I lose the key and all data I've ever encrypted using it. Advice I find around the net suggests saving it to a floppy (what's that?), storing it on cd-rom/usb in a safe location or printing it out.

All of these make sense to me, but aren't compatible with my ability to lose physical things. So, what would the risks be of me using symmetrical encryption with a long passphrase to encrypt my private key, and storing that in an online email account (gmail/yahoo/etc)? If we consider the symmetric encryption to be (practically) unbreakable, is this safe?

Looking forward to any comments.

Brian

From ciprian.craciun at gmail.com Wed Nov 25 22:06:24 2009
From: ciprian.craciun at gmail.com (Ciprian Dorin, Craciun)
Date: Wed, 25 Nov 2009 23:06:24 +0200
Subject: Backup of private key
In-Reply-To:
References:
Message-ID: <8e04b5820911251306h47fd195dqb8394f640caf0dc4@mail.gmail.com>

On Wed, Nov 25, 2009 at 9:20 PM, Brian O'Kennedy wrote:
> Hi All,
> This is a complete n00b question, but I still need to get an opinion on this.
> I've created myself a public/private key and got a bit concerned that if my harddrive fails, I lost the key and all data I've ever encrypted using it. Advice I find around the net suggest saving it to a floppy (what's that?), storing it on cd-rom/usb in a safe location or printing it out.
> All of these make sense to me, but aren't compatible with my ability to lose physical things. So, what would the risks be of me using symmetrical encryption with a long passphrase to encrypt my private key, and storing that in an online email account (gmail/yahoo/etc)? If we consider the symmetric encryption to be (practically) unbreakable, is this safe?
> Looking forward to any comments.
> Brian

:) I kind of had the same problem. My solution to this one was (in order of commodity, but not reliability):

1) backup the files from ~/.gnupg to an off-line storage medium (USB stick, CD/DVD-ROM, another computer, etc.) (usable mainly for full-restore); (the offline store should be as secure as your desktop / laptop;)

2a) export the secret keys and store them off-line (usable for re-import in case the binary databases from ~/.gnupg break) (as secure as the above):

    gpg --armor --export-secret-keys

or

    gpg --armor --export-secret-keys {id}

2b) the same as above but protected by an extra password (the keys are already protected by a password) (for more vulnerable offline stores, like Brian said):

    gpg --armor --export-secret-keys {id} | gpg --armor --sign --symmetric --force-mdc

4a) by using paperkey [1] I can create an ASCII file that is quite small and contains only the needed secret bits of the secret key; the idea with this one is that nothing outlives paper, and thus if something happens with my previous backups I could just feed a scanned version of the printed file (only one page) through an OCR; (or worse, I could just enter the data by hand, because it's quite small); (the file must be stored somewhere quite safe;)

4b) I use the same idea as the previous one, but instead of printing the text file I feed it (or a part of it) through a QRcode [2] encoder and print the resulting image. Thus restoration implies only photographing the printed page, and feeding it through a decoder; (I've tried this one and it works flawlessly.)

Please someone correct me if I'm doing something wrong somewhere... My keys depend on it. :)

Ciprian.

[1] http://www.jabberwocky.com/software/paperkey/
[2] http://en.wikipedia.org/wiki/QRcode

From rjh at sixdemonbag.org Wed Nov 25 22:13:11 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 25 Nov 2009 16:13:11 -0500
Subject: Backup of private key
In-Reply-To:
References:
Message-ID: <4B0D9DE7.2060801@sixdemonbag.org>

Brian O'Kennedy wrote:
> This is a complete n00b question, but I still need to get an opinion on this.

We were all new once. :) Welcome to the list!

> All of these make sense to me, but aren't compatible with my ability to lose physical things. So, what would the risks be of me using symmetrical encryption with a long passphrase to encrypt my private key, and storing that in an online email account (gmail/yahoo/etc)? If we consider the symmetric encryption to be (practically) unbreakable, is this safe?

The good news is your private key is already encrypted with a symmetric cipher. The passphrase you type to use your key is really the passphrase needed to decrypt it.

If you are sure that no one will ever guess your passphrase, then you could safely publish your private key in the _New York Times_. That would be a really extreme case, but you could do it.

From brokenn at gmail.com Wed Nov 25 22:16:35 2009
From: brokenn at gmail.com (Brian O'Kennedy)
Date: Wed, 25 Nov 2009 21:16:35 +0000
Subject: Backup of private key
In-Reply-To: <8e04b5820911251306h47fd195dqb8394f640caf0dc4@mail.gmail.com>
References: <8e04b5820911251306h47fd195dqb8394f640caf0dc4@mail.gmail.com>
Message-ID:

Thanks for the useful tips - I think I'll go the encrypt-upload-to-email route plus an additional paperkey option stored at a relative's house in case of the email service going down.

thanks,
Brian

2009/11/25 Ciprian Dorin, Craciun
> On Wed, Nov 25, 2009 at 9:20 PM, Brian O'Kennedy wrote:
> > Hi All,
> > This is a complete n00b question, but I still need to get an opinion on this.
> > I've created myself a public/private key and got a bit concerned that if my harddrive fails, I lost the key and all data I've ever encrypted using it. Advice I find around the net suggest saving it to a floppy (what's that?), storing it on cd-rom/usb in a safe location or printing it out.
> > All of these make sense to me, but aren't compatible with my ability to lose physical things. So, what would the risks be of me using symmetrical encryption with a long passphrase to encrypt my private key, and storing that in an online email account (gmail/yahoo/etc)? If we consider the symmetric encryption to be (practically) unbreakable, is this safe?
> > Looking forward to any comments.
> > Brian
>
> :) I kind of had the same problem. My solution to this one was (in order of commodity, but not reliability):
>
> 1) backup the files from ~/.gnupg to an off-line storage medium (USB stick, CD/DVD-ROM, another computer, etc.) (usable mainly for full-restore); (the offline-store should be as secure as your desktop / laptop;)
>
> 2a) export the secret keys and store them off-line (usable for re-import in case the binary databases from ~/.gnupg break) (as security the same as above):
>     gpg --armor --export-secret-keys
> or
>     gpg --armor --export-secret-keys {id}
>
> 2b) the same as above but protected by an extra password (the keys are already protected by a password) (for more vulnerable offline stores, like Brian said):
>     gpg --armor --export-secret-keys {id} | gpg --armor --sign --symmetric --force-mdc
>
> 4a) by using paperkey [1] I can create a ASCII file that is quite small and contains only the needed secret bits of the secret key; the idea with this one is that nothing outlives paper, and thus if something happens with my previous backups I could just feed a scanned version of the printed file (only one page) through an OCR; (or worse I could just enter by hand the data, because it's quite small); (the file must be stored somewhere quite safe;)
>
> 4b) I use the same idea as the previous one, but instead of printing the text file I feed it (or a part of it) through a QRcode [2] encoder and print the resulting image. Thus restoration implies only photographing the printed page, and feeding it through a decoder; (I've tried this one and works flawlessly.)
>
> Please someone correct me if I'm doing something wrong somewhere... My keys depend on it. :)
>
> Ciprian.
>
> [1] http://www.jabberwocky.com/software/paperkey/
> [2] http://en.wikipedia.org/wiki/QRcode

From brokenn at gmail.com Wed Nov 25 22:19:03 2009
From: brokenn at gmail.com (Brian O'Kennedy)
Date: Wed, 25 Nov 2009 21:19:03 +0000
Subject: Fwd: Backup of private key
In-Reply-To:
References: <4B0D9DE7.2060801@sixdemonbag.org>
Message-ID:

So this implies that I could safely upload my ascii-armored private key to an email server without fear (assuming of course that my passphrase is secure and large). What symmetric encryption is typically used on the key itself? I'm assuming that this level of encryption is secure enough to not worry about it being broken?

Thanks for the tip and welcome :)
brian

2009/11/25 Robert J. Hansen
> Brian O'Kennedy wrote:
> > This is a complete n00b question, but I still need to get an opinion on this.
>
> We were all new once. :) Welcome to the list!
>
> > All of these make sense to me, but aren't compatible with my ability to lose physical things. So, what would the risks be of me using symmetrical encryption with a long passphrase to encrypt my private key, and storing that in an online email account (gmail/yahoo/etc)? If we consider the symmetric encryption to be (practically) unbreakable, is this safe?
>
> The good news is your private key is already encrypted with a symmetric cipher. The passphrase you type to use your key is really the passphrase needed to decrypt it.
>
> If you are sure that no one will ever guess your passphrase, then you could safely publish your private key in the _New York Times_. That would be a really extreme case, but you could do it.

From rjh at sixdemonbag.org Wed Nov 25 23:10:02 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 25 Nov 2009 17:10:02 -0500
Subject: Backup of private key
In-Reply-To:
References: <4B0D9DE7.2060801@sixdemonbag.org>
Message-ID: <4B0DAB3A.3000408@sixdemonbag.org>

Brian O'Kennedy wrote:
> So this implies that I could safely upload my ascii-armored private key to an email server without fear (assuming of course that my passphrase is secure and large).

Correct. You just have to make *absolutely certain* your passphrase is unguessable. If someone is able to grab your private key and your passphrase, then you're in a world of hurt.

> What symmetric encryption is typically used on the key itself? I'm assuming that this level of encryption is secure enough to not worry about it being broken?

*All* of the ciphers used in GnuPG are secure enough to not worry about them being broken. :) Some of the algorithms GnuPG uses are even rated by the United States government as being suitable protection for classified material.

That said, I think the particular algorithm used is CAST. I might be mistaken. It used to be CAST, but it may be AES now.

From federalhillrent at yahoo.com Thu Nov 26 02:23:42 2009
From: federalhillrent at yahoo.com (FederalHill)
Date: Wed, 25 Nov 2009 17:23:42 -0800 (PST)
Subject: Fwd: Backup of private key
In-Reply-To:
Message-ID: <430582.86902.qm@web36307.mail.mud.yahoo.com>

Would you define ascii-armored

--- On Wed, 11/25/09, Brian O'Kennedy wrote:
From: Brian O'Kennedy
Subject: Fwd: Backup of private key
To: gnupg-users at gnupg.org
Date: Wednesday, November 25, 2009, 4:19 PM

So this implies that I could safely upload my ascii-armored private key to an email server without fear (assuming of course that my passphrase is secure and large). What symmetric encryption is typically used on the key itself? I'm assuming that this level of encryption is secure enough to not worry about it being broken?

Thanks for the tip and welcome :)
brian

2009/11/25 Robert J. Hansen
> Brian O'Kennedy wrote:
> > This is a complete n00b question, but I still need to get an opinion on this.
>
> We were all new once. :) Welcome to the list!
>
> > All of these make sense to me, but aren't compatible with my ability to lose physical things. So, what would the risks be of me using symmetrical encryption with a long passphrase to encrypt my private key, and storing that in an online email account (gmail/yahoo/etc)? If we consider the symmetric encryption to be (practically) unbreakable, is this safe?
>
> The good news is your private key is already encrypted with a symmetric cipher. The passphrase you type to use your key is really the passphrase needed to decrypt it.
>
> If you are sure that no one will ever guess your passphrase, then you could safely publish your private key in the _New York Times_. That would be a really extreme case, but you could do it.

From rjh at sixdemonbag.org Thu Nov 26 03:46:07 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 25 Nov 2009 21:46:07 -0500
Subject: Fwd: Backup of private key
In-Reply-To: <430582.86902.qm@web36307.mail.mud.yahoo.com>
References: <430582.86902.qm@web36307.mail.mud.yahoo.com>
Message-ID: <4B0DEBEF.6000108@sixdemonbag.org>

FederalHill wrote:
> Would you define ascii-armored

binary -> base64 conversion.

http://en.wikipedia.org/wiki/Base64

From pioterbrat at o2.pl Thu Nov 26 12:27:04 2009
From: pioterbrat at o2.pl (Piotr Bratkowski)
Date: Thu, 26 Nov 2009 12:27:04 +0100
Subject: gpg trust from command line
Message-ID: <4B0E6608.9040505@o2.pl>

Hello,

I need to invoke trust command but from linux shell. I was thinking that
this will do:

gpg --edit host_name trust 3

to set my trust marginal for host_name, but it didn't, it took me to the
gpg command line.

I need this because I'm currently writing program that is using gpg. It's
in C so making it to write to stdin of gpg would be a lot of fuss, as a
command line I can simply use system function.

So my question is is it possible?? If yes how??

Regards,
Piotr Bratkowski

From rahul.raviz at gmail.com Thu Nov 26 14:02:53 2009
From: rahul.raviz at gmail.com (Rahul R)
Date: Thu, 26 Nov 2009 18:32:53 +0530
Subject: gpg trust from command line
In-Reply-To: <4B0E6608.9040505@o2.pl>
References: <4B0E6608.9040505@o2.pl>
Message-ID:

Hi,

I have done the trusting part automated on my linux box like the
following. Give a try anyways and let me know whether it was helpful or
not. I did many google searches and could not find any method described
for this. The following method worked gr8 for me and is the one which I
created myself ;-).

For trusting it as 3, use 4 and for 5, use 6 and so on...

1. gpg --import key.pk
   - Import your key
2. echo $(gpg --list-keys --with-fingerprint --with-colons | tail -2 | head -1 | tr -s ":" ":" | cut -d ":" -f2):4: > /tmp/somefile1
   - take the fingerprint and copy to a temp file.
3. gpg --import-ownertrust < /tmp/somefile1
   - import the fingerprint to the trust database. Done!!!!

You can check the trusting part by typing the below command

1. gpg --export-ownertrust

On Thu, Nov 26, 2009 at 4:57 PM, Piotr Bratkowski wrote:
> Hello,
>
> I need to invoke trust command but from linux shell. I was thinking that
> this will do:
> gpg --edit host_name trust 3
>
> to set my trust marginal for host_name, but it didn't, it took me to the
> gpg command line.
>
> I need this because I'm currently writing program that is using gpg. It's
> in C so making it to write to stdin of gpg would be a lot of fuss, as a
> command line I can simply use system function.
>
> So my question is is it possible?? If yes how??
>
> Regards,
> Piotr Bratkowski

--
Thanks,
Regards,
Rahul R
Mob: 09008030921

From rahul.raviz at gmail.com Thu Nov 26 14:23:51 2009
From: rahul.raviz at gmail.com (Rahul R)
Date: Thu, 26 Nov 2009 18:53:51 +0530
Subject: gpg trust from command line
In-Reply-To: <4B0E7F97.8040305@o2.pl>
References: <4B0E6608.9040505@o2.pl> <4B0E7F97.8040305@o2.pl>
Message-ID:

:-) :-) I am really happy to hear that it worked great for you also.... :-)

On Thu, Nov 26, 2009 at 6:46 PM, Piotr Bratkowski wrote:
> Hello,
>
> Thanks, you have just rescued me :). It is working really great.
>
> Regards,
> Piotr Bratkowski
>
> Rahul R wrote:
>> Hi,
>>
>> I have done the trusting part automated on my linux box like the
>> following. Give a try anyways and let me know whether it was helpful or
>> not. I did many google searches and could not find any method described
>> for this. The following method worked gr8 for me and is the one which I
>> created myself ;-).
>>
>> For trusting it as 3, use 4 and for 5, use 6 and so on...
>>
>> 1. gpg --import key.pk - Import your key
>> 2. echo $(gpg --list-keys --with-fingerprint --with-colons | tail -2 | head -1 | tr -s ":" ":" | cut -d ":" -f2):4: > /tmp/somefile1 - take the fingerprint and copy to a temp file.
>> 3. gpg --import-ownertrust < /tmp/somefile1 - import the fingerprint to the trust database. Done!!!!
>>
>> You can check the trusting part by typing the below command
>>
>> 1. gpg --export-ownertrust
>>
>> On Thu, Nov 26, 2009 at 4:57 PM, Piotr Bratkowski <pioterbrat at o2.pl> wrote:
>>
>> Hello,
>>
>> I need to invoke trust command but from linux shell. I was
>> thinking that this will do:
>> gpg --edit host_name trust 3
>>
>> to set my trust marginal for host_name, but it didn't, it took me
>> to the gpg command line.
>>
>> I need this because I'm currently writing program that is using
>> gpg. It's in C so making it to write to stdin of gpg would be a
>> lot of fuss, as a command line I can simply use system function.
>>
>> So my question is is it possible?? If yes how??
>>
>> Regards,
>> Piotr Bratkowski
>>
>> --
>> Thanks,
>> Regards,
>> Rahul R
>

--
Thanks,
Regards,
Rahul R

From wk at gnupg.org Thu Nov 26 15:35:49 2009
From: wk at gnupg.org (Werner Koch)
Date: Thu, 26 Nov 2009 15:35:49 +0100
Subject: Piotr Bratkowski
In-Reply-To: <4B0E6608.9040505@o2.pl>
References: <4B0E6608.9040505@o2.pl>
Message-ID: <87k4xdz73u.wl%wk@gnupg.org>

On Thu, 26 Nov 2009 12:27:04 +0100, Piotr Bratkowski wrote:
> I need to invoke trust command but from linux shell. I was thinking that
> this will do:
> gpg --edit host_name trust 3

You do not want to set the trust for a host_name; this is not a unique
identifier for a key. Figure out the fingerprint and specify this one.
Canned commands as above usually don't work because there are so many
things to care about.

> It's in C so making it to write to stdin of gpg would be a lot of fuss,
> as a command line I can simply use system function.

In general you should not use system(3) in a program; even if it sounds
to be simple. Getting the quoting right is not easy. Passing stuff via
stdin to another process is pretty easy: popen(3) does this. However,
popen has the same problems as system has.

> So my question is is it possible?? If yes how??

Use gpgme and the edit callback. An example on how to do it is
gpgme/tests/gpg/t-edit.c .

Shalom-Salam,

Werner

From c-blair at illinois.edu Wed Nov 25 17:11:02 2009
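An added example (not code from the thread, from Rahul R or from GnuPG) that puts the two replies above together: Rahul's --import-ownertrust approach, and Werner's advice to address the key by its fingerprint and to avoid system(3)/popen(3) quoting. It parses gpg --with-colons output for the primary key's fpr record and feeds FINGERPRINT:LEVEL: lines to gpg through a pipe with an argv list; the key listing below is constructed, the function names are mine, and the level values 2..6 are the ones the ownertrust file uses.

```python
"""Non-interactive owner trust by fingerprint (added example, not GnuPG code)."""
import subprocess

# Values used in --export-ownertrust / --import-ownertrust files. They are
# one higher than the menu choices of --edit-key's "trust" command, which is
# why the thread says "for 3 use 4, for 5 use 6".
TRUST_UNDEFINED, TRUST_NEVER, TRUST_MARGINAL, TRUST_FULL, TRUST_ULTIMATE = 2, 3, 4, 5, 6
VALID_LEVELS = (TRUST_UNDEFINED, TRUST_NEVER, TRUST_MARGINAL, TRUST_FULL, TRUST_ULTIMATE)


def parse_primary_keys(colon_output):
    """Return [(primary_fingerprint, [user ids])] from --with-colons output.

    Only the fpr record that follows a pub record is the primary key's
    fingerprint; fpr records after sub records belong to subkeys, which are
    not valid ownertrust targets. User ids come from field 10 of the pub
    record (gpg 1.4 style) and from uid records (gpg 2 style).
    """
    keys = []
    expect_primary_fpr = False
    for line in colon_output.splitlines():
        fields = line.split(":")
        rec = fields[0]
        if rec == "pub":
            keys.append([None, []])
            expect_primary_fpr = True
            if len(fields) > 9 and fields[9]:
                keys[-1][1].append(fields[9])
        elif rec == "fpr" and keys and expect_primary_fpr:
            keys[-1][0] = fields[9]
            expect_primary_fpr = False
        elif rec == "uid" and keys:
            keys[-1][1].append(fields[9])
        elif rec == "sub":
            expect_primary_fpr = False
    return [(fpr, uids) for fpr, uids in keys if fpr]


def ownertrust_lines(colon_output, uid_substring, level):
    """Build 'FINGERPRINT:LEVEL:' lines for every primary key whose user id
    contains uid_substring (a host name selects by substring, the trust
    record itself is keyed by the full fingerprint)."""
    if level not in VALID_LEVELS:
        raise ValueError("unknown ownertrust level %r" % level)
    return ["%s:%d:" % (fpr, level)
            for fpr, uids in parse_primary_keys(colon_output)
            if any(uid_substring in uid for uid in uids)]


def set_ownertrust(uid_substring, level, gpg="gpg"):
    """Run gpg with argv lists (no shell, nothing to quote): list the keys,
    then pipe the trust lines into --import-ownertrust. Returns the lines."""
    listing = subprocess.run(
        [gpg, "--with-colons", "--with-fingerprint", "--list-keys"],
        capture_output=True, text=True, check=True).stdout
    lines = ownertrust_lines(listing, uid_substring, level)
    if lines:
        subprocess.run([gpg, "--import-ownertrust"],
                       input="\n".join(lines) + "\n", text=True, check=True)
    return lines


# Constructed sample of gpg --with-colons output (not real keys): one
# primary key with a user id and one encryption subkey.
SAMPLE_LISTING = """\
tru::1:1259000000:0:3:1:5
pub:-:2048:1:0123456789ABCDEF:2009-11-26:::-:::scESC:
fpr:::::::::0000111122223333444455556666777788889999:
uid:-::::2009-11-26::ABCDEF0123456789ABCDEF0123456789ABCDEF01::Example Host <host_name@example.test>:
sub:-:2048:1:FEDCBA9876543210:2009-11-26::::::e:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF0000111122223333:
"""

if __name__ == "__main__":
    # Marginal trust (menu choice 3, file value 4) for the sample key.
    for line in ownertrust_lines(SAMPLE_LISTING, "host_name@example.test", TRUST_MARGINAL):
        print(line)   # 0000111122223333444455556666777788889999:4:
```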
From: c-blair at illinois.edu (Charles Blair)
Date: Wed, 25 Nov 2009 10:11:02 -0600
Subject: claws mail will not verify signatures
Message-ID: <20091125101102.00000cb8@unknown>

I installed gpg4win, including claws mail. I used gpa to import a public
key, and have been able to send encrypted mail using this key. However,
when I try to verify the signature on the test message below, I get a
message saying "timeout".

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

... and delivered. What is the matter with stupid clawsmail?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFLDUxlWOUslXANYskRAqf0AKDVhAjrBlVNp+SZgFop/npYsnATdwCg53FP
jKoA5vpohYt/78jOg+PosgM=
=leIW
-----END PGP SIGNATURE-----

From brad at fineby.me.uk Fri Nov 27 12:31:46 2009
From: brad at fineby.me.uk (Brad Rogers)
Date: Fri, 27 Nov 2009 11:31:46 +0000
Subject: claws mail will not verify signatures
In-Reply-To: <20091125101102.00000cb8@unknown>
References: <20091125101102.00000cb8@unknown>
Message-ID: <20091127113146.28d9153b@abydos.stargate.org.uk>

On Wed, 25 Nov 2009 10:11:02 -0600
Charles Blair wrote:

Hello Charles,

> key. However, when I try to verify the signature on the test
> message below, I get a message saying "timeout".

Probably better asked on the CM ML, but as a starter, do you have the
relevant plugins installed?

--
Regards  _
        / )  "The blindingly obvious is
       / _)rad    never immediately apparent"
Every single one of us
Devil Inside - INXS

From yaverot at nerdshack.com Sat Nov 28 05:59:36 2009
From: yaverot at nerdshack.com (Matt)
Date: Fri, 27 Nov 2009 21:59:36 -0700
Subject: Backup of private key
In-Reply-To: <4B0D9DE7.2060801@sixdemonbag.org>
References: <4B0D9DE7.2060801@sixdemonbag.org>
Message-ID: <4B10AE38.9040202@nerdshack.com>

Robert J. Hansen wrote:
> If you are sure that no one will ever guess your passphrase, then you
> could safely publish your private key in the _New York Times_. That
> would be a really extreme case, but you could do it.

But what if you publish it in a paper people actually _read_? :)

While I understand the intent of the statement, and have been wanting to
question it for some time (about 3 months), I do believe it to the limits
of my understanding of modern cryptography. But I want to make sure I'm
not missing something by the example using such a weak means of
distribution.

I can't say that I've _never_ seen a NYT, but I know I didn't read the
copy that appeared in my elementary school in the 80s. They've had a good
20 years with which to have folded, or to have dropped down to a "oh, they
still publish?" distribution.

I'll try this modern bent to the question: If I had a sufficiently good
passphrase, would Google returning my secret key as the first hit result
for every search for a day still be secure?

With my understanding, the answer is _still_ yes. I am under no delusions
that my passphrase is that good. Not that I have the friends or enemies at
Google with which to test it.

From rjh at sixdemonbag.org Sat Nov 28 07:50:53 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 28 Nov 2009 01:50:53 -0500
Subject: Backup of private key
In-Reply-To: <4B10AE38.9040202@nerdshack.com>
References: <4B0D9DE7.2060801@sixdemonbag.org> <4B10AE38.9040202@nerdshack.com>
Message-ID: <4B10C84D.7030608@sixdemonbag.org>

Matt wrote:
> If I had a sufficiently good passphrase, would Google returning my
> secret key as the first hit result for every search for a day still be
> secure?

"Secure" is not a very good word to use. It means so many different
things to so many different people. "Secure" really means "in
accordance with my security policies" -- the use of the word is
inherently subjective.

Let me try giving you an answer that doesn't involve the word "secure,"
but will still hopefully answer your question.

"For any symmetric cipher used in GnuPG, for any purpose supported by
GnuPG, there is *no* effective way for someone who has the ciphertext
and *only* the ciphertext to recover the plaintext without knowing the
passphrase."

The qualifiers are very important. For clarity's sake, I'll restate them
here, very directly:

* I am only talking about GnuPG
* I am excluding gratuitously stupid things you can do by abusing the
  "--expert" flag
* We are assuming the adversary has *only* the ciphertext
* The adversary has *no* ability to execute side-channel attacks against
  you

From ciprian.craciun at gmail.com Sat Nov 28 15:42:06 2009
From: ciprian.craciun at gmail.com (Ciprian Dorin, Craciun)
Date: Sat, 28 Nov 2009 16:42:06 +0200
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
Message-ID: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com>

(I'll try to start a new thread from the following quotes.)

On Sat, Nov 28, 2009 at 8:50 AM, Robert J. Hansen wrote:
> Matt wrote:
>> If I had a sufficiently good passphrase, would Google returning my
>> secret key as the first hit result for every search for a day still be
>> secure?
>
> "Secure" is not a very good word to use. It means so many different
> things to so many different people. "Secure" really means "in
> accordance with my security policies" -- the use of the word is
> inherently subjective.

Related to the same problem (strength of the secret key data encryption
measures), I've posted some months ago an email on the sci.crypt Usenet
group, but I didn't get a satisfactory (that is factual) answer. (See
below.)

Maybe someone could clear this out (at least from GnuPG part). (My
original post was related with both GnuPG and OpenSSH).

~~~~~~~~~~ Original post:

(I have a very basic question that to most of the persons reading this
news-group might seem trivial. But anyway...)

My concern (as stated in the subject) is related to the security strength
of GnuPG and OpenSSH secret / private keys in the following context:
* the secret / private keys are encrypted by using a password that only
  me (the owner) knows;
* an attacker is in possession of my secret / private key files;
* the attacker wants to gain access to the secret / private key (thus
  being able to impersonate me);
* the attacker chooses as attack method to brute-force the files
  off-line, by trying to guess my password;
* (by guessing the password I mean trying all possible passwords that fit
  a given pattern; the password is not a dictionary word, but instead is
  (truly) randomly created (i.e. DiceWare);)

The question is: what does GnuPG or OpenSSH do to slow down password
brute-force? I mean does the password derivation function use some
iterations? If so how many? Can I configure them? I guess so but I
couldn't find any data on the net on a quick search. (Any references are
appreciated.)

Also, how many bits of security should my password have in order to
withstand an attack from a small / medium enterprise? (Government is out
of the question as they could get access to my infrastructure by
force...)

Thank you for your patience and your wisdom,
Ciprian Craciun.

From dshaw at jabberwocky.com Sat Nov 28 16:47:20 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 28 Nov 2009 10:47:20 -0500
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com>
Message-ID:

On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
> Maybe someone could clear this out (at least from GnuPG part). (My
> original post was related with both GnuPG and OpenSSH).
>
> ~~~~~~~~~~ Original post:
>
> (I have a very basic question that to most of the persons reading
> this news-group might seem trivial. But anyway...)
>
> My concern (as stated in the subject) is related to the security
> strength of GnuPG and OpenSSH secret / private keys in the following
> context:
> * the secret / private keys are encrypted by using a password that
> only me (the owner) knows;
> * an attacker is in possession of my secret / private key files;
> * the attacker wants to gain access to the secret / private key
> (thus being able to impersonate me);
> * the attacker chooses as attack method to brute-force the files
> off-line, by trying to guess my password;
> * (by guessing the password I mean trying all possible passwords
> that fit a given pattern; the password is not a dictionary word, but
> instead is (truly) randomly created (i.e. DiceWare);)
>
> The question is: what does GnuPG or OpenSSH do to slow down
> password brute-force? I mean does the password derivation function use
> some iterations? If so how many? Can I configure them? I guess so but
> I couldn't find any data on the net on a quick search. (Any references
> are appreciated.)

GnuPG (really OpenPGP) does iterated password hashing. See section 3.7.13
"Iterated and Salted S2K" of RFC-4880 for the fine details, but the gist
is as you surmised - the passphrase is run through many hash iterations.
This slows down passphrase guessers as they must also repeat the hashing
part the same number of times. By default, GnuPG uses 65536 iterations of
the passphrase hash, but can be configured via the --s2k-count option to
be as high as 65011712 iterations.

Be careful though - in some cases, a too-large value can hurt you here. If
you create a passphrase-encrypted message on a fast machine, and pick a
huge s2k-count, and then try to decrypt on a slow machine (say, a cell
phone), the message may become effectively unusable since the repeated
hashes can take an unusable amount of time on the slow processor.

I'd have to look up the details if anyone is interested, but there was a
case a few months back of a huge s2k-count actually causing an embedded
device to trigger its deadman timer - someone had generated the message on
a fast machine (so never noticed the large iteration count), but sent it
to the slow one which clobbered it.

> Also, how many bits of security should my password have in order
> to withstand an attack from a small / medium enterprise? (Government
> is out of the question as they could get access to my infrastructure
> by force...)

Difficult question to answer, since everyone is going to wave around their
opinion. :)

I'd suggest starting with the various calculators on
http://www.keylength.com/

David

From chaz at chaz6.com Sat Nov 28 17:33:13 2009
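An added example illustrating David Shaw's reply above; it is not code from GnuPG or from anyone in the thread. It implements the RFC 4880 section 3.7.13 "Iterated and Salted S2K" with Python's hashlib, decodes the coded count octet (65536 by default, 65011712 at most), and adds a small work estimate that ties the count to the "how many bits" question; the salt, passphrase, SHA-1 choice and function names are my assumptions.

```python
"""Iterated and Salted S2K, RFC 4880 section 3.7.13 (added example, not GnuPG code)."""
import hashlib
import math


def decode_s2k_count(coded):
    """Expand the one-octet coded count stored in the key (RFC 4880 formula)."""
    return (16 + (coded & 15)) << ((coded >> 4) + 6)


def encode_s2k_count(count):
    """Smallest coded octet whose expansion is at least count, i.e. what a
    --s2k-count value that is not exactly representable rounds up to."""
    for coded in range(256):
        if decode_s2k_count(coded) >= count:
            return coded
    raise ValueError("count above 65011712 cannot be encoded")


def iterated_salted_s2k(passphrase, salt, coded_count, hash_name="sha1", key_len=16):
    """Derive key_len octets of symmetric key from the passphrase.

    salt+passphrase is fed to the hash repeatedly until decode_s2k_count()
    octets have been hashed (the last copy may be partial); if the count is
    smaller than len(salt+passphrase) the block is still hashed once in full.
    For keys longer than one digest, extra contexts are preloaded with
    1, 2, ... zero octets and their digests are concatenated.
    """
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salt is exactly 8 octets")
    block = salt + passphrase
    total = max(decode_s2k_count(coded_count), len(block))
    key = b""
    context = 0
    while len(key) < key_len:
        h = hashlib.new(hash_name)
        h.update(b"\x00" * context)
        remaining = total
        while remaining > 0:
            chunk = block[:remaining]      # partial copy on the last round
            h.update(chunk)
            remaining -= len(chunk)
        key += h.digest()
        context += 1
    return key[:key_len]


def entropy_bits(alphabet_size, length):
    """Entropy of a passphrase drawn uniformly from alphabet_size**length
    candidates: a 4-digit PIN gives 13.3 bits, one Diceware word 12.9."""
    return length * math.log2(alphabet_size)


def guessing_work_octets(candidates, coded_count, salt_pass_len):
    """Octets an offline guesser must hash to try all `candidates`
    passphrases; the S2K count is the per-guess cost it multiplies by."""
    return candidates * max(decode_s2k_count(coded_count), salt_pass_len)


if __name__ == "__main__":
    salt = bytes(range(1, 9))            # constructed, not from a real key
    print(decode_s2k_count(0x60), decode_s2k_count(0xFF))   # 65536 65011712
    print(iterated_salted_s2k(b"correct horse", salt, 0x60).hex())
    # Work to exhaust every 4-digit PIN at the default and maximum count:
    for coded in (0x60, 0xFF):
        print(hex(coded), guessing_work_octets(10 ** 4, coded, 8 + 4))
```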
From: chaz at chaz6.com (Chris Hills)
Date: Sat, 28 Nov 2009 17:33:13 +0100
Subject: Backup of private key
In-Reply-To:
References:
Message-ID:

There is a thread in the archives with the subject "TPK Archival" that may
be useful.

http://lists.gnupg.org/pipermail/gnupg-users/2009-March/035996.html

Regards,
Chris

From faramir.cl at gmail.com Sat Nov 28 17:32:09 2009
From: faramir.cl at gmail.com (Faramir)
Date: Sat, 28 Nov 2009 13:32:09 -0300
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To:
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com>
Message-ID: <4B115089.10104@gmail.com>

David Shaw wrote:
> On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
...
>> Also, how many bits of security should my password have in order
>> to withstand an attack from a small / medium enterprise? (Government
>> is out of the question as they could get access to my infrastructure
>> by force...)
>
> Difficult question to answer, since everyone is going to wave around
> their opinion. :)
>
> I'd suggest starting with the various calculators on
> http://www.keylength.com/

Now the interesting question would be, how to calculate the real bit
length of a passphrase? I googled, and found this message, from this
list:
http://lists.gnupg.org/pipermail/gnupg-users/2008-October/034842.html

Best Regards

From ciprian.craciun at gmail.com Sat Nov 28 17:55:25 2009
From: ciprian.craciun at gmail.com (Ciprian Dorin, Craciun)
Date: Sat, 28 Nov 2009 18:55:25 +0200
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To:
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com>
Message-ID: <8e04b5820911280855o6750d0ay8e3d3c402df35d55@mail.gmail.com>

On Sat, Nov 28, 2009 at 5:47 PM, David Shaw wrote:
> On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
>
>> Maybe someone could clear this out (at least from GnuPG part). (My
>> original post was related with both GnuPG and OpenSSH).
>>
>> ~~~~~~~~~~ Original post:
>>
>> (I have a very basic question that to most of the persons reading
>> this news-group might seem trivial. But anyway...)
>>
>> My concern (as stated in the subject) is related to the security
>> strength of GnuPG and OpenSSH secret / private keys in the following
>> context:
>> * the secret / private keys are encrypted by using a password that
>> only me (the owner) knows;
>> * an attacker is in possession of my secret / private key files;
>> * the attacker wants to gain access to the secret / private key
>> (thus being able to impersonate me);
>> * the attacker chooses as attack method to brute-force the files
>> off-line, by trying to guess my password;
>> * (by guessing the password I mean trying all possible passwords
>> that fit a given pattern; the password is not a dictionary word, but
>> instead is (truly) randomly created (i.e. DiceWare);)
>>
>> The question is: what does GnuPG or OpenSSH do to slow down
>> password brute-force? I mean does the password derivation function use
>> some iterations? If so how many? Can I configure them? I guess so but
>> I couldn't find any data on the net on a quick search. (Any references
>> are appreciated.)
>
> GnuPG (really OpenPGP) does iterated password hashing. See section 3.7.13
> "Iterated and Salted S2K" of RFC-4880 for the fine details, but the gist is
> as you surmised - the passphrase is run through many hash iterations. This
> slows down passphrase guessers as they must also repeat the hashing part the
> same number of times. By default, GnuPG uses 65536 iterations of the
> passphrase hash, but can be configured via the --s2k-count option to be as
> high as 65011712 iterations.
>
> Be careful though - in some cases, a too-large value can hurt you here. If
> you create a passphrase-encrypted message on a fast machine, and pick a huge
> s2k-count, and then try to decrypt on a slow machine (say, a cell phone),
> the message may become effectively unusable since the repeated hashes can
> take an unusable amount of time on the slow processor.
>
> I'd have to look up the details if anyone is interested, but there was a
> case a few months back of a huge s2k-count actually causing an embedded
> device to trigger its deadman timer - someone had generated the message on a
> fast machine (so never noticed the large iteration count), but sent it to
> the slow one which clobbered it.
>
>> Also, how many bits of security should my password have in order
>> to withstand an attack from a small / medium enterprise? (Government
>> is out of the question as they could get access to my infrastructure
>> by force...)
>
> Difficult question to answer, since everyone is going to wave around their
> opinion. :)
>
> I'd suggest starting with the various calculators on
> http://www.keylength.com/
>
> David

Thank you for the quick reply. (This is the kind of answer I was hoping to
get. :) ) It seems that `s2k-count` escaped me. :) Maybe there should be
an entry in the FAQ about this topic.

Related with my question about the password bit strength there still is a
veil on my eyes. So I guess (sorry for not being properly documented
here):
* the private / public key pair is generated by using whatever means
  (RSA / DSA);
* my password is taken and fed into "Iterated and Salted S2K" to obtain
  the secret key encryption.
* the private key data is taken and fed into '????' algorithm that uses
  as password what has been obtained at the previous step.

So my question about key strength is: what symmetric key algorithm is
used to safeguard the key. (Again I'm not properly documented here.) And
based on the identity of this algorithm, I can use the site cited
(http://www.keylength.com/) to determine a "best practices" key length.
(Otherwise I'll have to go with the generic term "symmetric key
encryption"... :) )

> Now the interesting question would be, how to calculate the real bit
> length of a passphrase? I googled, and found this message, from this
> list:
> http://lists.gnupg.org/pipermail/gnupg-users/2008-October/034842.html

By key strength I mean the bits of entropy given by the password
generation pattern. For example a 4-digit PIN number has only 13.3 bits of
entropy, even though we need at least 16 bits to store it. (This was also
pointed out by Faramir in his reply.)

Thanks again,
Ciprian.

P.S.: I'm also aware of the fact that iterations do not help at all, if a
big-budget agency (NSA and the like), is going to build a hardware based
brute-force key breaking, as they can build a pipeline of iteration
functions that would try one key in O(1) time. :) (Or I'm wrong here?)

From mariocastelancastro at gmail.com Sat Nov 28 17:54:58 2009
From: mariocastelancastro at gmail.com (Mario Castelán Castro)
Date: Sat, 28 Nov 2009 10:54:58 -0600
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <4B115089.10104@gmail.com>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <4B115089.10104@gmail.com>
Message-ID:

November 28th for gnupg-users at gnupg.org thread "GnuPG private key
resilience against off-line brute-force attacks"

Entropy is a relative thing AFAIR: For one who knows that a password was
generated by using diceware the entropy will be 7776^n + 7776^n-1 ...
7776^1 where n is the number of words. For one who knows the length of
password the entropy will be 256^n where n is the length. If it is known
that it is english text entropy would be (26+26+10)^n.

In contrast for one who does not know how password has been generated the
entropy will be as if it were a random one.

In short the apparent entropy of passwords depends on how much the
attacker knows of it.

From rjh at sixdemonbag.org Sat Nov 28 18:37:16 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 28 Nov 2009 12:37:16 -0500
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To:
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com>
Message-ID: <4B115FCC.5000602@sixdemonbag.org>

David Shaw wrote:
> Difficult question to answer, since everyone is going to wave around
> their opinion. :)

There are some empirical facts which may be useful, though -- like
observing the RC5-64 project was able to break a 64-bit key via a massive
distributed project that took 18 months of runtime.

That's not a recommendation, just a data point which may be useful to
people in making their own estimations.

From John at Mozilla-Enigmail.org Sat Nov 28 19:03:27 2009
From: John at Mozilla-Enigmail.org (John Clizbe)
Date: Sat, 28 Nov 2009 12:03:27 -0600
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <4B115FCC.5000602@sixdemonbag.org>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <4B115FCC.5000602@sixdemonbag.org>
Message-ID: <4B1165EF.6050209@Mozilla-Enigmail.org>

Robert J. Hansen wrote:
> David Shaw wrote:
>> Difficult question to answer, since everyone is going to wave around
>> their opinion. :)
>
> There are some empirical facts which may be useful, though -- like
> observing the RC5-64 project was able to break a 64-bit key via a
> massive distributed project that took 18 months of runtime.
>

And estimates for RC5-72 including Moore's Law effects were hovering at
18 years.

--
John P. Clizbe

From nicholas.cole at gmail.com Sat Nov 28 18:54:12 2009
From: nicholas.cole at gmail.com (Nicholas Cole)
Date: Sat, 28 Nov 2009 17:54:12 +0000
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To:
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com>
Message-ID:

On Sat, Nov 28, 2009 at 3:47 PM, David Shaw wrote:
[snip]
> I'd suggest starting with the various calculators on
> http://www.keylength.com/

A very interesting website. I followed the links, and found this
document:

http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml

It seems that the NSA is moving away from RSA/DH etc. cryptography, and
now "only" approves their use for secret level material. They are
instead pushing elliptic curve cryptography.

I hadn't realised that there was such pressure to move away from
traditional key exchange. Is this about the fear of quantum computing,
or something else?

EC in gpg is still some way off, it seems.

N

From marcio.barbado at gmail.com Sat Nov 28 21:07:36 2009
From: marcio.barbado at gmail.com (M.B.Jr.)
Date: Sat, 28 Nov 2009 18:07:36 -0200
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To:
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com>
Message-ID: <2df3b0cb0911281207q1fdbdeedg950ab0d076c1026@mail.gmail.com>

Hi,

On Sat, Nov 28, 2009 at 1:47 PM, David Shaw wrote:
>> The question is: what does GnuPG or OpenSSH do to slow down
>> password brute-force? I mean does the password derivation function use
>> some iterations? If so how many? Can I configure them? I guess so but
>> I couldn't find any data on the net on a quick search. (Any references
>> are appreciated.)
>
> GnuPG (really OpenPGP) does iterated password hashing. See section 3.7.13
> "Iterated and Salted S2K" of RFC-4880 for the fine details, but the gist is
> as you surmised - the passphrase is run through many hash iterations. This
> slows down passphrase guessers as they must also repeat the hashing part the
> same number of times. By default, GnuPG uses 65536 iterations of the
> passphrase hash, but can be configured via the --s2k-count option to be as
> high as 65011712 iterations.

Considering a password/passphrase, which has -- by default, its 65536th
hash iteration result, locally stored for comparison.

If I adjust (via --s2k-count) my GnuPG's iterations number, will it
generate and store a new sum value for my actual passphrase? Or for this
passphrase specifically, it will continue working with the number of
iterations used by the time the passphrase was created?

Regards,

Marcio Barbado, Jr.

From dshaw at jabberwocky.com Sat Nov 28 22:25:40 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 28 Nov 2009 16:25:40 -0500
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <4B115FCC.5000602@sixdemonbag.org>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <4B115FCC.5000602@sixdemonbag.org>
Message-ID:

On Nov 28, 2009, at 12:37 PM, Robert J. Hansen wrote:
> David Shaw wrote:
>> Difficult question to answer, since everyone is going to wave around
>> their opinion. :)
>
> There are some empirical facts which may be useful, though -- like
> observing the RC5-64 project was able to break a 64-bit key via a
> massive distributed project that took 18 months of runtime.
>
> That's not a recommendation, just a data point which may be useful to
> people in making their own estimations.

That's sort of the problem, though. There are countless facts that can be brought to bear on this question, and each one, by itself, is just an additional point which does not add very much to the perennial question of key length. The nice thing about the keylength.com site is that they (or rather the several research papers and guides that comprise the site) gather together hundreds or more of individual facts and - carefully showing their methodology so that others can learn - do derive recommendations.

David
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 28 Nov 2009 16:28:34 -0500
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <2df3b0cb0911281207q1fdbdeedg950ab0d076c1026@mail.gmail.com>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <2df3b0cb0911281207q1fdbdeedg950ab0d076c1026@mail.gmail.com>
Message-ID: <865BE87B-E88C-49B0-8068-B16DD02C39A7@jabberwocky.com>

On Nov 28, 2009, at 3:07 PM, M.B.Jr. wrote:
> Hi,
>
>
> On Sat, Nov 28, 2009 at 1:47 PM, David Shaw wrote:
>>> The question is: what does GnuPG or OpenSSH do to slow down
>>> password brute-force? I mean does the password derivation function use
>>> some iterations? If so how many? Can I configure them? I guess so but
>>> I couldn't find any data on the net on a quick search. (Any references
>>> are appreciated.)
>>
>> GnuPG (really OpenPGP) does iterated password hashing. See section 3.7.13
>> "Iterated and Salted S2K" of RFC-4880 for the fine details, but the gist is
>> as you surmised - the passphrase is run through many hash iterations. This
>> slows down passphrase guessers as they must also repeat the hashing part the
>> same number of times. By default, GnuPG uses 65536 iterations of the
>> passphrase hash, but can be configured via the --s2k-count option to be as
>> high as 65011712 iterations.
>
>
> Considering a password/passphrase, which has -- by default, its
> 65536th hash iteration result, locally stored for comparison.
>
> If I adjust (via --s2k-count) my GnuPG's iterations number, will it
> generate and store a new sum value for my actual passphrase? Or for
> this passphrase specifically, it will continue working with the number
> of iterations used by the time the passphrase was created?

The s2k-count is only used when creating the passphrase for the first time (and that applies to both creating a new secret key as well as encrypting something with a passphrase via --symmetric). If you want to change the s2k-count of an existing secret key, you need to set the new s2k-count and then change the passphrase. You can "change" it to the same passphrase if you like - it's the creation of a new passphrase-to-key that picks up the new s2k-count.

David
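David's answer above covers when the count is applied; the following is an added example, not GnuPG's own code, that re-implements the "Iterated and Salted S2K" of RFC 4880 the thread refers to, so the mechanics behind --s2k-count can be seen. Two details worth knowing: the count a key carries is the number of octets fed through the hash (salt and passphrase repeated), not a number of hash invocations, and it is stored as one coded octet, so only certain counts are representable; 0x60 decodes to the 65536 default and 0xff to the 65011712 maximum quoted above, and GnuPG rounds any other requested --s2k-count up to the next representable value. The salt, passphrase and requested counts below are constructed, and 16-byte keys are used because CAST5 takes a 128-bit key.

```python
"""Added example (not GnuPG's code) of RFC 4880 "Iterated and Salted S2K",
the passphrase-to-key step behind --s2k-count.  The count is the number of
octets hashed, stored in the key as a single coded octet."""
import hashlib
import os

def decode_s2k_count(octet):
    """Expand the one-octet coded count: 0x60 -> 65536 (GnuPG's default),
    0xFF -> 65011712 (the maximum quoted in the thread)."""
    return (16 + (octet & 15)) << ((octet >> 4) + 6)

def encode_s2k_count(count):
    """Smallest coded octet whose decoded value reaches `count`.  Decoded
    values grow monotonically with the octet, so a plain scan suffices;
    this is the rounding-up GnuPG applies to an uncodable --s2k-count."""
    for octet in range(256):
        if decode_s2k_count(octet) >= count:
            return octet
    raise ValueError("count exceeds the 65011712 maximum")

def s2k_iterated_salted(passphrase, salt, count, hash_name="sha1", key_len=16):
    """Derive key_len octets of cipher key from a passphrase.
    salt||passphrase is hashed repeatedly until `count` octets have gone in
    (the last repetition is cut short); if count is smaller than
    salt||passphrase, it is hashed once in full.  Keys longer than one
    digest use further hash contexts preloaded with 1, 2, ... zero octets.
    key_len=16 matches CAST5, the default protection cipher."""
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salts are exactly 8 octets")
    material = salt + passphrase
    to_hash = max(count, len(material))
    digest_size = hashlib.new(hash_name).digest_size
    key = b""
    for ctx_index in range(-(-key_len // digest_size)):   # ceil division
        h = hashlib.new(hash_name)
        h.update(b"\x00" * ctx_index)
        remaining = to_hash
        while remaining > 0:
            chunk = material[:remaining]
            h.update(chunk)
            remaining -= len(chunk)
        key += h.digest()
    return key[:key_len]

def protect_with_count(passphrase, requested_count, salt=None):
    """What a passphrase change under --s2k-count does: pick a fresh salt,
    round the count up to an encodable value, derive the protection key.
    Returns (coded_octet, effective_count, key) so the rounding is visible."""
    salt = os.urandom(8) if salt is None else salt
    octet = encode_s2k_count(requested_count)
    effective = decode_s2k_count(octet)
    return octet, effective, s2k_iterated_salted(passphrase, salt, effective)

if __name__ == "__main__":
    # Constructed passphrase; note how 100000 is rounded up to 102400.
    for requested in (65536, 100000, 65011712):
        octet, effective, key = protect_with_count(b"correct horse battery staple", requested)
        print(f"requested {requested:>9} -> octet 0x{octet:02x}, "
              f"effective {effective:>9}, key {key.hex()}")
```

Because the coded octet is what the key stores, inspecting an exported secret key with gpg --list-packets after a passphrase change and decoding the count it shows is the quickest way to confirm that a new --s2k-count actually took effect.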
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 28 Nov 2009 17:08:38 -0500
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <8e04b5820911280855o6750d0ay8e3d3c402df35d55@mail.gmail.com>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <8e04b5820911280855o6750d0ay8e3d3c402df35d55@mail.gmail.com>
Message-ID: <38397BF6-E6DA-49DB-9328-C83967C3EA49@jabberwocky.com>

On Nov 28, 2009, at 11:55 AM, Ciprian Dorin, Craciun wrote:
> Thank you for the quick reply. (This is the kind of answer I was
> hoping to get. :) ) It seems that `s2k-count` escaped me. :)
>
> Maybe there should be an entry in the FAQ about this topic.
>
> Related with my question about the password bit strength there
> still is a veil on my eyes. So I guess (sorry for not being properly
> documented here):
> * the private / public key pair is generated by using whatever
> means (RSA / DSA);
> * my password is taken and fed into "Iterated and Salted S2K" to
> obtain the secret key encryption.
> * the private key data is taken and fed into '????' algorithm that
> uses as password what has been obtained at the previous step.

The "????" is CAST5, by default. You can change it with --s2k-cipher-algo. The usual s2k rules apply - if you change the s2k-cipher-algo, it won't take effect until you change the passphrase. Also, be careful you don't shoot yourself in the foot with setting the algorithm to something you can't handle. This is less of a danger than with most algorithm changing tweaks: you only have to guarantee that *you* (and not all of your correspondents) have the ability to handle the key.

So if you want your passphrase to be as strong as CAST5, you'd need a really massive passphrase. The passphrase is almost always the weakest part of this sort of system, by far.
> P.S.: I'm also aware of the fact that iterations do not help at
> all, if a big-budget agency (NSA and the like), is going to build a
> hardware based brute-force key breaking, as they can build a pipeline
> of iteration functions that would try one key in O(1) time. :) (Or I'm
> wrong here?)

They're more likely to hit you with a wrench, a la http://xkcd.com/538/ :)

David

From: mariocastelancastro at gmail.com (Mario Castelán Castro)
Date: Sat, 28 Nov 2009 16:29:27 -0600
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <38397BF6-E6DA-49DB-9328-C83967C3EA49@jabberwocky.com>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <8e04b5820911280855o6750d0ay8e3d3c402df35d55@mail.gmail.com> <38397BF6-E6DA-49DB-9328-C83967C3EA49@jabberwocky.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

November 28th 2009 for gnupg-users at gnupg.org thread "GnuPG private key resilience against off-line brute-force attacks"

Loop unrolling only gives more performance in very small loops, for not so small ones there can be in fact a performance penalty since as the unrolled code is great it leaves less cache for data.

The complexity of a S2K algorithm is constant for variable input and constant iterations, in other words, it is O(1) but this O(1) assumes constant number of iterations, if we consider that factor the complexity would be O(iterations).

So that O(1) that you say is correct but meaningless in this context.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEAREIAAYFAksRpCIACgkQZ4DA0TLic4iEUACgjxnvVcF0JXiBI3MuMv8HHwdY
+P4AniUvv+j5Ysg99Qc+xDZ9e1LnCzxS
=h116
-----END PGP SIGNATURE-----
From: ciprian.craciun at gmail.com (Ciprian Dorin, Craciun)
Date: Sun, 29 Nov 2009 01:49:03 +0200
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To:
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <8e04b5820911280855o6750d0ay8e3d3c402df35d55@mail.gmail.com> <38397BF6-E6DA-49DB-9328-C83967C3EA49@jabberwocky.com>
Message-ID: <8e04b5820911281549h364acb98hd125932869be43a@mail.gmail.com>

On Sun, Nov 29, 2009 at 12:29 AM, Mario Castelán Castro wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> November 28th 2009 for gnupg-users at gnupg.org thread "GnuPG private key
> resilience against off-line brute-force attacks"
>
> Loop unrolling only gives more performance in very small loops, for
> not so small ones there can be in fact a performance penalty since as
> the unrolled code is great it leaves less cache for data.
>
> The complexity of a S2K algorithm is constant for variable input and
> constant iterations, in other words, it is O(1) but this O(1) assumes
> constant number of iterations, if we consider that factor the
> complexity would be O(iterations).
>
> So that O(1) that you say is correct but meaningless in this context.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEAREIAAYFAksRpCIACgkQZ4DA0TLic4iEUACgjxnvVcF0JXiBI3MuMv8HHwdY
> +P4AniUvv+j5Ysg99Qc+xDZ9e1LnCzxS
> =h116
> -----END PGP SIGNATURE-----

Again, as I've replied to Mario (off-the-list, below the excerpt for the rest of the list), by pipelining I assumed something like a hardware SIMD architecture.

But I do agree that for a software-based implementation the iteration count does imply O(iteration_count) time complexity (which is constant). But not for a hardware implementation, where I can trade O(1) (and by `1` I don't mean constant, I actually mean `one heart-beat or a small number of hardware cycles`) in time with a O(n) in hardware complexity.
In short:
> Now imagine that we construct `iteration_count` many hardware
> based `hash` blocks.
>
> password -> (hash) -> ... iteration_count ... -> (hash) -> output

Could someone prove me wrong? (I'm not a hardware expert, but I believe it's technically possible.)

Ciprian.

On Sat, Nov 28, 2009 at 7:20 PM, Ciprian Dorin, Craciun wrote:
> On Sat, Nov 28, 2009 at 7:08 PM, Mario Castelán Castro wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> November 28th for gnupg-users at gnupg.org thread "GnuPG private key
>> resilience against off-line brute-force attacks"
>>
>>> P.S.: I'm also aware of the fact that iterations do not help at all,
>>> if a big-budget agency (NSA and the like), is going to build a
>>> hardware based brute-force key breaking, as they can build a pipeline
>>> of iteration functions that would try one key in O(1) time. :) (Or
>>> I'm wrong here?)
>>
>> Pipelining does not make iterated functions go to O(1)! They are faster
>> but still of the same complexity. So: more iterations, more time that
>> it takes to calculate, be the CPU where executed pipelined or not.
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (GNU/Linux)
>>
>> iEYEAREIAAYFAksRWPcACgkQZ4DA0TLic4hC/QCfe9k3PybJ7X4W0oApBuob1OWh
>> yjAAn2tYiBK3yUZkAQh8dcWwwlrgxUU5
>> =Om9a
>> -----END PGP SIGNATURE-----
>
>
> By pipelining, I don't mean what we have in CPUs.
>
> I assume that the general working principle of the iterations works
> like this:
> ~~~~
>     password = ...
>     iteration_count = ...
>     hashed_password = password
>     for i in range (0, iteration_count):
>         hashed_password = hash (hashed_password)
> ~~~~
>
> Now this code can be unrolled (if the iteration count is known at
> build-time):
> ~~~~
>     password = ...
>     hashed_password = password
>     hashed_password = hash (hashed_password)
>     ... in total iteration_count times
>     hashed_password = hash (hashed_password)
> ~~~~
>
> Now imagine that we construct `iteration_count` many hardware
> based `hash` blocks.
>
> password -> (hash) -> ... iteration_count ... -> (hash) -> output
>
> And at each time-tick (heartbeat) we feed 'password + 1' and push
> the output from one hash box to another (at the same time). Thus at
> each step we obtain as output one hashed password per heart-beat.
>
> This is why I'm saying it is only O(1), but O(n) in
> hardware-blocks. Thus we trade hardware complexity with time
> complexity.
>
> This architecture is called SIMD (Single Instruction Multiple
> Data) http://en.wikipedia.org/wiki/SIMD
>
> So, does it seem possible now? :) (I've not actually seen any
> mention of such method, but my opinion is that it's possible.)
>
> Ciprian.
From: mariocastelancastro at gmail.com (Mario Castelán Castro)
Date: Sat, 28 Nov 2009 18:30:53 -0600
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <8e04b5820911281549h364acb98hd125932869be43a@mail.gmail.com>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <8e04b5820911280855o6750d0ay8e3d3c402df35d55@mail.gmail.com> <38397BF6-E6DA-49DB-9328-C83967C3EA49@jabberwocky.com> <8e04b5820911281549h364acb98hd125932869be43a@mail.gmail.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

November 28th 2009 for gnupg-users at gnupg.org thread "GnuPG private key resilience against off-line brute-force attacks"

Ciprian: What you say is possible but useless. One could build a machine that computes anything in only 1 clock cycle or that does not even need clock cycles: there are circuits that change their output as their input is changed without need of a pulse (usually from a clock, that is: a constant frequency pulse generator) but the change is not immediate. As the complexity (circuit complexity, not computational complexity) increases, the delay between input change (or clock signal) and output change becomes greater and greater, thus their operating frequency is low.

So, yes, a machine can be built that computes the S2K in one clock cycle, but its clock cycle should be of very very low frequency, thus having the same performance as a machine that computes a S2K in, say, 20,000 cycles but with much faster cycles.

This is the contrary version of the megahertz myth: "More cycles, more speed", which assumes that a 2.4 GHz CPU has the same efficiency per cycle as a 3.2 one. You instead think that more efficiency per cycle gives more performance; your mistake is that the cycles will be larger and frequency much lower.

Performance = Frequency * Performance of each cycle.
Sometimes one can make cycles 2 times more efficient but frequency only 20% lower, as Intel did with P4 to Core 2, but this tradeoff can't be repeated infinite times. There is some point where slightly more efficient cycles provoke a much greater loss in frequency and therefore the overall performance will be low.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEAREIAAYFAksRwJ4ACgkQZ4DA0TLic4il2QCeKXlMID7S0K8/ay3JuWCqvxrP
Kq8An1GDC/bGlgbwjGr8ebrdRAPgJ+H4
=o+UI
-----END PGP SIGNATURE-----

2009/11/28 Ciprian Dorin, Craciun :
> On Sun, Nov 29, 2009 at 12:29 AM, Mario Castelán Castro wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> November 28th 2009 for gnupg-users at gnupg.org thread "GnuPG private key
>> resilience against off-line brute-force attacks"
>>
>> Loop unrolling only gives more performance in very small loops, for
>> not so small ones there can be in fact a performance penalty since as
>> the unrolled code is great it leaves less cache for data.
>>
>> The complexity of a S2K algorithm is constant for variable input and
>> constant iterations, in other words, it is O(1) but this O(1) assumes
>> constant number of iterations, if we consider that factor the
>> complexity would be O(iterations).
>>
>> So that O(1) that you say is correct but meaningless in this context.
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (GNU/Linux)
>>
>> iEYEAREIAAYFAksRpCIACgkQZ4DA0TLic4iEUACgjxnvVcF0JXiBI3MuMv8HHwdY
>> +P4AniUvv+j5Ysg99Qc+xDZ9e1LnCzxS
>> =h116
>> -----END PGP SIGNATURE-----
>
>
>     Again, as I've replied to Mario (off-the-list, below the excerpt
> for the rest of the list), by pipelining I assumed something like a
> hardware SIMD architecture.
>
>     But I do agree that for a software-based implementation the
> iteration count does imply O(iteration_count) time complexity (which
> is constant).
> But not for a hardware implementation, where I can trade
> O(1) (and by `1` I don't mean constant, I actually mean `one
> heart-beat or a small number of hardware cycles`) in time with a O(n)
> in hardware complexity.
>
>     In short:
>>     Now imagine that we construct `iteration_count` many hardware
>> based `hash` blocks.
>>
>> password -> (hash) -> ... iteration_count ... -> (hash) -> output
>
>     Could someone prove me wrong? (I'm not a hardware expert, but I
> believe it's technically possible.)
>
>     Ciprian.
>
>
> On Sat, Nov 28, 2009 at 7:20 PM, Ciprian Dorin, Craciun wrote:
>> On Sat, Nov 28, 2009 at 7:08 PM, Mario Castelán Castro wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA256
>>>
>>> November 28th for gnupg-users at gnupg.org thread "GnuPG private key
>>> resilience against off-line brute-force attacks"
>>>
>>>> P.S.: I'm also aware of the fact that iterations do not help at all,
>>>> if a big-budget agency (NSA and the like), is going to build a
>>>> hardware based brute-force key breaking, as they can build a pipeline
>>>> of iteration functions that would try one key in O(1) time. :) (Or
>>>> I'm wrong here?)
>>>
>>> Pipelining does not make iterated functions go to O(1)! They are faster
>>> but still of the same complexity. So: more iterations, more time that
>>> it takes to calculate, be the CPU where executed pipelined or not.
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>>
>>> iEYEAREIAAYFAksRWPcACgkQZ4DA0TLic4hC/QCfe9k3PybJ7X4W0oApBuob1OWh
>>> yjAAn2tYiBK3yUZkAQh8dcWwwlrgxUU5
>>> =Om9a
>>> -----END PGP SIGNATURE-----
>>
>>
>>     By pipelining, I don't mean what we have in CPUs.
>>
>>     I assume that the general working principle of the iterations works
>> like this:
>> ~~~~
>>     password = ...
>>     iteration_count = ...
>>     hashed_password = password
>>     for i in range (0, iteration_count):
>>         hashed_password = hash (hashed_password)
>> ~~~~
>>
>>     Now this code can be unrolled (if the iteration count is known at
>> build-time):
>> ~~~~
>>     password = ...
>>     hashed_password = password
>>     hashed_password = hash (hashed_password)
>>     ... in total iteration_count times
>>     hashed_password = hash (hashed_password)
>> ~~~~
>>
>>     Now imagine that we construct `iteration_count` many hardware
>> based `hash` blocks.
>>
>> password -> (hash) -> ... iteration_count ... -> (hash) -> output
>>
>>     And at each time-tick (heartbeat) we feed 'password + 1' and push
>> the output from one hash box to another (at the same time). Thus at
>> each step we obtain as output one hashed password per heart-beat.
>>
>>     This is why I'm saying it is only O(1), but O(n) in
>> hardware-blocks. Thus we trade hardware complexity with time
>> complexity.
>>
>>     This architecture is called SIMD (Single Instruction Multiple
>> Data) http://en.wikipedia.org/wiki/SIMD
>>
>>     So, does it seem possible now? :) (I've not actually seen any
>> mention of such method, but my opinion is that it's possible.)
>>
>>     Ciprian.
>
From: ml at mareichelt.de (markus reichelt)
Date: Sun, 29 Nov 2009 02:33:58 +0100
Subject: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)
In-Reply-To: <8e04b5820911280855o6750d0ay8e3d3c402df35d55@mail.gmail.com>
References: <8e04b5820911280642h4df8f687nd0d6819dac4ef92f@mail.gmail.com> <8e04b5820911280855o6750d0ay8e3d3c402df35d55@mail.gmail.com>
Message-ID: <20091129013358.GN3313@tatooine.rebelbase.local>

* "Ciprian Dorin, Craciun" wrote:
> Thank you for the quick reply. (This is the kind of answer I was
> hoping to get. :) ) It seems that `s2k-count` escaped me. :)
>
> Maybe there should be an entry in the FAQ about this topic.

Well, other projects make good use of that option, f.e. loop-AES, have a look at section 5 of http://loop-aes.sourceforge.net/loop-AES.README

--
left blank, right bald

From: Werner.Dittmann at t-online.de (Werner Dittmann)
Date: Sun, 29 Nov 2009 11:13:01 +0100
Subject: Some questions regarding libgcrypt-config
Message-ID: <4B12492D.8000107@t-online.de>

All,

to set up a config script I use the libgcrypt-config command to determine parameters about libgcrypt. During tests I get a confusing result :-) when checking available algorithms:

To check the available algorithms I do:

libgcrypt-config --algorithms
Symmetric cipher algorithms: arcfour blowfish cast5 des aes twofish serpent rfc2268 seed camellia
Public-key cipher algorithms: dsa elgamal rsa ecc
Message digest algorithms: crc md4 md5 rmd160 sha1 sha256 sha512 tiger whirlpool

My program uses SHA384 from libgcrypt but this algorithm is not listed.

Thus is it safe to assume if SHA512 is available then SHA384 is also available?

Regards,
Werner D.
From: sean at srima.ie (Sean Rima)
Date: Sun, 29 Nov 2009 12:10:35 +0000
Subject: Playing with auto-key-locate
Message-ID: <1928906223.20091129121035@srima.ie>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Gnupg-users,

I am playing with auto-key-locate (as per http://gushi.livejournal.com/524199.html) however this is under Vista. Does the Windows port not have pka lookup enabled during the build? I see ldap works but pka and cert don't.

Sean
- --
Thawte, GSWoT and CaCert WOT Assurer
.tel http://rima.tel/
I believe that every human has a finite number of heartbeats. I don't intend to waste any of mine running around doing exercises. - Neil Armstrong
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Contact Details http://rima.tel

iEYEAREIAAYFAksSZL4ACgkQydfi32iLfZj3fQCgjR+oOUKT9JTyD1BJ2or/PNV7
v2IAn19kibUsQHxpHUYp+cU0qqp2oQwu
=HLHA
-----END PGP SIGNATURE-----

From: wk at gnupg.org (Werner Koch)
Date: Sun, 29 Nov 2009 17:48:52 +0100
Subject: Some questions regarding libgcrypt-config
In-Reply-To: <4B12492D.8000107@t-online.de>
References: <4B12492D.8000107@t-online.de>
Message-ID: <878wdpz37v.wl%wk@gnupg.org>

Hi!

On Sun, 29 Nov 2009 11:13:01 +0100, Werner Dittmann wrote:
> Message digest algorithms: crc md4 md5 rmd160 sha1 sha256 sha512 tiger whirlpool

The names are actually those of the source files.

> Thus is it safe to assume if SHA512 is available then SHA384 is also
> available?

Right, SHA384 is available if SHA512 is listed; SHA224 is available if SHA256 is listed.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.
From: wk at gnupg.org (Werner Koch)
Date: Sun, 29 Nov 2009 17:52:32 +0100
Subject: Playing with auto-key-locate
In-Reply-To: <1928906223.20091129121035@srima.ie>
References: <1928906223.20091129121035@srima.ie>
Message-ID: <877ht9z31r.wl%wk@gnupg.org>

On Sun, 29 Nov 2009 12:10:35 +0000, Sean Rima wrote:
> I am playing with auto-key-locate (as per
> http://gushi.livejournal.com/524199.html) however this is under
> Vista. Does the Windows port not have pka lookup enabled during the
> build, I see ldap works but pka and cert don't

That depends on the build. If you use GnuPG from Gpg4win this should work. I once ported the adns library for it and this port is included in gpg4win. The simple gnupg 1.4.x installer from ftp.gnupg.org may not support it.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.
From: dshaw at jabberwocky.com (David Shaw)
Date: Sun, 29 Nov 2009 12:10:41 -0500
Subject: Some questions regarding libgcrypt-config
In-Reply-To: <4B12492D.8000107@t-online.de>
References: <4B12492D.8000107@t-online.de>
Message-ID:

On Nov 29, 2009, at 5:13 AM, Werner Dittmann wrote:
> All,
>
> to set up a config script I use the libgcrypt-config command
> to determine parameters about libgcrypt. During tests I get a
> confusing result :-) when checking available algorithms:
>
> To check the available algorithms I do:
>
> libgcrypt-config --algorithms
> Symmetric cipher algorithms: arcfour blowfish cast5 des aes twofish
> serpent rfc2268 seed camellia
> Public-key cipher algorithms: dsa elgamal rsa ecc
> Message digest algorithms: crc md4 md5 rmd160 sha1 sha256 sha512
> tiger whirlpool
>
> My program uses SHA384 from libgcrypt but this algorithm is not listed.
>
> Thus is it safe to assume if SHA512 is available then SHA384 is also
> available?

Yes, the two algorithms go together. SHA384 and SHA512 are essentially the same algorithm. SHA384 is really SHA512 with a different initialization and 128 bits chopped off.

David
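To make David's point concrete, here is an added example (not libgcrypt's code) that implements the SHA-512 compression function once and produces both digests from it. The round constants and initial values are derived from primes the way FIPS 180-4 defines them rather than hard-coded: SHA-512 starts from the fractional parts of the square roots of the first eight primes, SHA-384 from the next eight, and SHA-384 keeps only the first 384 bits of the final state. Both outputs are checked against Python's hashlib, so a wrong constant or round would show up immediately.

```python
"""Added example (not libgcrypt's code): one SHA-512 compression function
producing both SHA-512 and SHA-384.  Round constants and initial values are
derived from primes as FIPS 180-4 defines them, so nothing is hard-coded,
and matches_hashlib() checks both outputs against Python's hashlib."""
import hashlib
import math
import struct

MASK64 = (1 << 64) - 1

def first_primes(n):
    primes, candidate = [], 2
    while len(primes) < n:
        if all(candidate % p for p in primes if p * p <= candidate):
            primes.append(candidate)
        candidate += 1
    return primes

def icbrt(n):
    """Floor of the integer cube root, by Newton's method on big ints."""
    if n < 2:
        return n
    x = 1 << ((n.bit_length() + 2) // 3)
    while True:
        y = (2 * x + n // (x * x)) // 3
        if y >= x:
            break
        x = y
    while x ** 3 > n:
        x -= 1
    while (x + 1) ** 3 <= n:
        x += 1
    return x

PRIMES = first_primes(80)
# K[t]: first 64 bits of the fractional part of the cube root of the t-th prime.
K = [icbrt(p << 192) & MASK64 for p in PRIMES]
# Initial hash values: fractional parts of square roots.  SHA-512 uses the
# first eight primes (2..19); SHA-384 uses the next eight (23..53).
IV_512 = [math.isqrt(p << 128) & MASK64 for p in PRIMES[:8]]
IV_384 = [math.isqrt(p << 128) & MASK64 for p in PRIMES[8:16]]

def rotr(x, n):
    return ((x >> n) | (x << (64 - n))) & MASK64

def compress(state, block):
    """One 1024-bit block through the 80 SHA-512 rounds."""
    w = list(struct.unpack(">16Q", block))
    for t in range(16, 80):
        s0 = rotr(w[t - 15], 1) ^ rotr(w[t - 15], 8) ^ (w[t - 15] >> 7)
        s1 = rotr(w[t - 2], 19) ^ rotr(w[t - 2], 61) ^ (w[t - 2] >> 6)
        w.append((w[t - 16] + s0 + w[t - 7] + s1) & MASK64)
    a, b, c, d, e, f, g, h = state
    for t in range(80):
        big_s1 = rotr(e, 14) ^ rotr(e, 18) ^ rotr(e, 41)
        ch = (e & f) ^ (~e & g)
        t1 = (h + big_s1 + ch + K[t] + w[t]) & MASK64
        big_s0 = rotr(a, 28) ^ rotr(a, 34) ^ rotr(a, 39)
        maj = (a & b) ^ (a & c) ^ (b & c)
        t2 = (big_s0 + maj) & MASK64
        h, g, f, e = g, f, e, (d + t1) & MASK64
        d, c, b, a = c, b, a, (t1 + t2) & MASK64
    return [(s + v) & MASK64 for s, v in zip(state, (a, b, c, d, e, f, g, h))]

def sha512_core(data, iv, out_len):
    """Pad, run every block from the given IV, return out_len bytes of state."""
    padded = data + b"\x80"
    padded += b"\x00" * ((112 - len(padded)) % 128)
    padded += (len(data) * 8).to_bytes(16, "big")
    state = list(iv)
    for i in range(0, len(padded), 128):
        state = compress(state, padded[i:i + 128])
    return b"".join(x.to_bytes(8, "big") for x in state)[:out_len]

def sha512(data):
    return sha512_core(data, IV_512, 64)

def sha384(data):
    # Same rounds, other starting values, and 128 bits chopped off the end.
    return sha512_core(data, IV_384, 48)

def matches_hashlib(data):
    """True when both home-grown digests agree with the library ones."""
    return (sha512(data) == hashlib.sha512(data).digest()
            and sha384(data) == hashlib.sha384(data).digest())

if __name__ == "__main__":
    print("sha384(abc) =", sha384(b"abc").hex())
    print("agrees with hashlib:", matches_hashlib(b"abc"))
```

The same relationship holds for SHA-224 and SHA-256 (Werner's other pairing above), which is why a library that ships the sha512 and sha256 sources has all four digests.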
From: sean at srima.ie (Sean Rima)
Date: Sun, 29 Nov 2009 17:34:26 +0000
Subject: Playing with auto-key-locate
In-Reply-To: <877ht9z31r.wl%wk@gnupg.org>
References: <1928906223.20091129121035@srima.ie> <877ht9z31r.wl%wk@gnupg.org>
Message-ID: <121924581.20091129173426@srima.ie>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

[Sorry, the last one should have gone to the list only]

Hello Werner,

Sunday, November 29, 2009, 4:52:32 PM, you wrote:
> On Sun, 29 Nov 2009 12:10:35 +0000, Sean Rima wrote:
>> I am playing with auto-key-locate (as per
>> http://gushi.livejournal.com/524199.html) however this is under
>> Vista. Does the Windows port not have pka lookup enabled during the
>> build, I see ldap works but pka and cert don't

> That depends on the build. If you use GnuPG from Gpg4win this should
> work. I once ported the adns library for it and this port is included
> in gpg4win. The simple gnupg 1.4.x installer from ftp.gnupg.org may
> not support it.

I have both gpg 1 and 2 installed and neither seems to include it. I was trying to build gpg myself but hitting a problem with libcurl. The command line I am using is:

gpg2 --no-default-keyring --keyring /temp/gpg --encrypt --armor --auto-key-locate pka -r sean at srima.eu

The return is

gpg: invalid auto-key-locate list

Sean
- --
Thawte, GSWoT and CaCert WOT Assurer
.tel http://rima.tel/
I believe that every human has a finite number of heartbeats. I don't intend to waste any of mine running around doing exercises. - Neil Armstrong
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Contact Details http://rima.tel

iHIEAREIADIFAksSsKIrFIAAAAAAFQANcGthLWFkZHJlc3NAZ251cGcub3Jnc2Vh
bkBzcmltYS5ldQAKCRDJ1+LfaIt9mASaAKCTxJ9h9XrTbrT5x/DERMiIS7TbrgCg
u9fiVuRccNTb0AjnvWEcNHjolj4=
=yIWf
-----END PGP SIGNATURE-----
From: vedaal at hush.com (vedaal at hush.com)
Date: Mon, 30 Nov 2009 10:08:57 -0500
Subject: GnuPG private key resilience against off-line brute-force attacks
Message-ID: <20091130150857.72F1F2803F@smtp.hushmail.com>

David Shaw wrote on 2009-11-28 22:08:38 :

> They're more likely to hit you with a wrench, a la http://xkcd.com/538/ :)

also, he has a rather interesting sympathetic take on the MITM attack:

http://xkcd.com/177/

;-)

vedaal

From: alan at batie.org (Alan Batie)
Date: Mon, 30 Nov 2009 12:05:09 -0800
Subject: dumping a gpg message
Message-ID: <4B142575.2050306@batie.org>

I've searched around and can't seem to find anything to dump a gpg message for debugging, but I have a hard time believing there isn't something like that. I simply want to see who it was encrypted to, as I'm getting complaints that messages sent to multiple people are only getting encrypted to one, so I'd like a high level decoder ring. I seem to recall having found a highly detailed one a long time ago, but it was geared towards a coder, not a user, and not too useful, even if I could find it again...
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 30 Nov 2009 16:27:01 -0500
Subject: dumping a gpg message
In-Reply-To: <4B142575.2050306@batie.org>
References: <4B142575.2050306@batie.org>
Message-ID: <4B1438A5.4040502@fifthhorseman.net>

On 11/30/2009 03:05 PM, Alan Batie wrote:
> I've searched around and can't seem to find anything to dump a gpg
> message for debugging, but I have a hard time believing there isn't
> something like that. I simply want to see who it was encrypted to, as
> I'm getting complaints that messages sent to multiple people are only
> getting encrypted to one, so I'd like a high level decoder ring. I seem
> to recall having found a highly detailed one a long time ago, but it was
> geared towards a coder, not a user, and not too useful, even if I could
> find it again...

You might be interested in gpg --list-packets, or in the pgpdump package (found upstream at: http://www.mew.org/~kazu/proj/pgpdump/)

hth,

--dkg

From: cleardata at earthlink.net (cleardata at earthlink.net)
Date: Mon, 30 Nov 2009 14:56:37 -0800
Subject: Newbie where to find script for FTP
Message-ID: <6.1.2.0.2.20091130145221.01d31ae8@insurancecompany.com>

Hi gang ---

I subscribed awhile back so I could try and absorb some of the tech stuff on the forum.

Q: I have a BlueOnyx box and want to take the next step in finding a script that will use GnuPG (still need to get) to FTP some of my files on this box to an end user.

Any suggestions?
From: jeffinnova at hotmail.com (wavelength)
Date: Sun, 29 Nov 2009 13:51:34 -0800 (PST)
Subject: Equivalent segments between different Fedora & RPM Fusion ASCII armored key blocks
Message-ID: <26566574.post@talk.nabble.com>

Can someone explain why large segments within the ASCII armored key blocks of Fedora 11 & 12 match? Attached below are the respective key blocks. Two matching regions between the blocks are highlighted with bold arrows. In addition, large segments within the RPM-GPG-KEY-rpmfusion-free-fedora-12-primary key match parts of these same segments (highlighted in italics - see below). I assume this is normal, but it's unclear why this would be the case.

Also, what do the last 8 digits signify in the output below?

rpm -qa gpg-pubkey*
gpg-pubkey-16ca1a56-4a100959
gpg-pubkey-57bbccba-4a6f97af

Thanks in advance

================================================== ==============
RPM-GPG-KEY-fedora-12-primary
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (GNU/Linux)

mQINBE pvl68BEADHaID3riLF8dKEplScdHDoLvVSQA7w4KzRF3sC+4qm h6qxWxvb blUlrtkN9jn049g7JEydtBmqmhJpixtq0vMeiHSyyGgl5B1DfQ nNCUUJUM+SKdLN 1XjrsifYlYkpKiWWhStESwHAYeR+NS6ahPqHS2ZRtnSYsVGzr5 68YOMUqsfh7xOH /nugJEY7dHh+BkRkQlG2Sq7w1aIq5cLtHskUhIWG5odUbkzplEv v+t0OFxQfRh47 l+PknILo7ecyrL55SzD/+R8ANqMu3BeMocwCga7pSl6RfZjdvLC8p8HhJ5gwGzGj 3YxjLoga0lWNVIhsq/LpS9vPD2mVHsVlSLHsZSTSDr3zQf2nSlaxzZb9zWAW3cVR EXy9Ly835b6HFTPqgkclkymV31eDI1BU1AT/5gp7lrzUNA7xbvtQy4VrML/gCO/I 4G7j5qOIZewlxEMHM1GvEPLPbnC4X3NmKmRogvxg9Sir7DHOq3 uHDBQlBYi7FzBG QvjgjgjpGcmPLTVuuhzGLr8XFH5Gk3kSji7mrDxAW3sD/16ZQ5xzT8HEx4L+bdCw R+i2SpOvKLt2DPeFykAFnpkgHwkqCYtZhzT8QZ/9JR9UvRqPNskkB+41R/jgMw4+ 77dXYNdiL7502vpCvPqaqRuf0kWag9bq1ZBwsqUDz7FV1gvH0T v+sugBH >>>>>QARAQABtCZGZWRvcmEgKDEyKSA8ZmVkb3JhQGZlZG9yYXByb2plY3Qub3JnPokCNgQTAQIAIAUCS<<<<< m+XrwIbD >>>>>wYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJE<<<<< J0cw0hXu8y6N2QP /R9wYh4bHYIUOv8ysc188PKXgvHFLGTIJOigqgIFfIl4FP92Nlx orVLxQ5M59KWR DACsBwKNF4pVXTlULJQc6Mq3noNdFPyvYRfDPXUdOKPX3xNy0N HiuHPuXk8c7T6W yaBlZBy5oKaBq1LdoIsaw1vMnyd3Hdo/nh1fcZ19sqGtLwV5t4dmzOSACTi1Fpn+ /mNKi1xrBwE7tvFpE08zW3uYTK3RKP300mRpcRqG66IVVuHdhRT 6jTteyL/vHaw4 jVyUg040JbJ1itZaqUcLagkSDRw04D1PxllVGr4laHlBEjdoqK wZV5PvMs6AE+zx GyFuFtRvAiOPO62g35uZBncGGZaTC+WwXWEaPkjPHxOFVTqemV amL11vEUDfSQqv ui9Ul24E06mb5AsHsyiptyrmUDbbpz6Wyo60kaMWSEISoiTGAI FMSimfLVkQLYAQ L5Q5AM/rnIHibd6PGFD0Twv7DMp429rw1ItosNRPA6G/BVi0FadN0OoPF5RBJU7z 4xt0jy5mDHfX2Fc2xSbZPKV9lrvJd8KYdRXCIDwH9e0Dvlf7pw 4lvxDvh1WtSbj2 eNaJlTIksj/Qb3lbdMrZ72GNnIJF1gRkzjFg9ICaGrhMHQQ8phjwC4ME1h6iE VAJ 5InJW4stZl1Bdl1NdxvQIbboVmtruN2VhgKKbXEFk1f+
=f8U5
-----END PGP PUBLIC KEY BLOCK-----

================================================== ==============
RPM-GPG-KEY-fedora-11-primary
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)

mQINBE l1CHEBEACn5bv6rGJW50UJ59QoI5E27q04g3Gv8bH5/wtk8NjwvgTCtGRd hfXCWvd4OGZjN67m0tsWmJltC7pCv6i3pnaVsVWo1u36+aoZtd P1tqv7CD3QlnLK bx740Oor2YJJvlr7ypFcYPH1+xBZOHXUjPRrqTT6nY6AVm2U/udIVZQHhNG0mc4K IHYZeJM3GFOL1sE+PX8zpcGh4MUKBsVcPNVYpD+HPQyDAgQcL4 +uOFR0tnonaiWm vA7A/4kNokHpbwDY7WwEnGZM6KJUGa2rTNXJ+Vij0ng7mWRZ5/0GcM4/mMX6dn9S xghbESiLdip1ZTb60B/ClFZi5PiB12J6DQo2h3+hpxhx0AHJSQRKt+5uw/UyjdmG zHROos8KRvTlTXeKj2SsNvjQKrbyQGT0AXVBcuXLbbDjijaIF8 EE4SFXkCyU5Do9 6mEkuEwMcdZ8KQC25gF5jlM0G+nZmcSgZin7b4jRvFEPZ+WbPz B51wijmPuiadWT H2ssiBFSHZG0SljVu6vG5YaTwgyB24+1jb/eTSz/wa/Kh8u1loZnWb/F0K2UnA6M frDnlpdBskgMjBFXnzOqRYqzyQRCBe4T2IbkzUnQYeiqvJAiVs dVG5/TncxCzhfA E9t2gjilRcWGRl8W96M0mHlw2uMkLRDN4BfwmWePlQQ8fGKma+ PiO4E9r >>>>>QARAQABtCZGZWRvcmEgKDExKSA8ZmVkb3JhQGZlZG9yYXByb2plY3Qub3JnPokCNgQTAQIAIAUCS<<<<< e4UCQIbA >>>>>wYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJE<<<<< B3Fx1jSLnfygm0P /RIMXuhggaKzYYSrtv4GH8F96643WwmuoGl0hZydNt3WwJCy+pN AmFkCK1NG0K6Y HC/7jWKImpl61q0XJwygOZAfpy6DNKsIQkfJdk7afZHruXrapphIb f127pfSayu9 bWHKc6ZovZ3tt8XjH7p9cU+qfidmTyUVJheIJyLQ9C+Cand3XJ 6tR+1catKcGYWR Zjjr0gxQWj3T4ow4VP9rju8BRYItgDcfqWSK06HAkp/AbCqJQSwBF5m9mSYokOA2 YQuYwAcDMjl/dEoGgzm+OLoyj3+mkeMdQTMnjvEirtsVBai5CzHlhukAqUpBBM V4 MQmNMkYKCCbt/uOuy+Uj6caV1HITZmDUOAu3Qr9Ur1tG4lggLTKSCWrc6sBGdg3 Y w04XkHppU32bPYPX2QGqMJh9QOQAciZIw22NNffDUI0f467cJ7 j+nv1M9lsd5voZ BiHN5d7abDr81q22+m7tQzdy2UvYXT0tsEHS6DUWvo4PUW2/IpUOv8SUytxTACiY EGYA00q5Ax+h8FPXo1v7Dd2GksLduyByaW0p7P2VyjJTsqkMVE Q2wRNCE8eipg2s xpsSU9M29uf7/goHDI6pfXpN+q2uPTLucCEIjG5bDICw3uwWLCJ+AXYLiPzCtn7 j TaPTZVVFnbBFu75zklD8EtJ1fHJngYTq7yIMNKOJQTyQ
=moZO
-----END PGP PUBLIC KEY BLOCK-----

================================================== ==============
RPM-GPG-KEY-rpmfusion-free-fedora-12-primary
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (GNU/Linux)

mQINBE oQCVkBEAC/C3Kbm1MJJ4A7e5T3HKFRFI0S5+jpKKtgohN9NzAJq2Q0/66M CtQs2t0LBjVTiP3YMzvj33GFNuR/vYwLLYUSG/tJufEb4lNGaOopwgZziOyuqKOi OeNmX8T2UwsU8IgkXcoYn/cgKk5I8B07n3F+Bunyl1GocGr8UXovH4sKRk3FdNi7 r+U6eIr9mMlOLVkvp/oF7rrheL3FJ86a/wkmouOjWVMHIiT2jLBaNs0vMN58o4qz DUMTqWSHwSbXPGdrKHeHitvOQGeRc9AYopxPGhL1S/LolqZbK84tWdDvIPrQDYVk 35dKebrbQYuIcQEcU6nXr61U4UsgWi2366JmGbhYAkUNTm+B/maVbVvdAvkn86Lv Ul5AlAVaMNjrPCh5um0nlz2vg2KwbRhLrwfIZYXvN8x+XLA8S+ fgw61pkE63RvqE oAB4zp8/1QAOsBwhYvDISPTlDsvR03C5JjNlMCVfoRXmwEeRoEzoKnhXhW NZGdAo z1xR1gObkEX1i3/zk7OkJX4XJyvKsR3z4gZ+LTY+oE7ahSRBDNnsE0omcCuqV8XR QjpZ1gUhSJImjfXI2GdDslJsSwAbIPq9uz10XMlIgu4nbbFif0 PN8gwmYW7Tm6O6 iuZiU53S5QVGRVaQEbM93Nq+nMYZ3ZKYBaNGMSUrKWXtzyydU8 fLte4qC >>>>>QARAQABt<<<<< FNSUE0gRnVzaW9uIGZyZWUgcmVwb3NpdG9yeSBmb3IgRmVkb3J hICgxMikgPHJw bWZ1c2lvbi1idWlsZHN5c0BsaXN0cy5ycG1mdXNpb24 >>>>>ub3JnPokCNgQTAQIAIAUCS<<<<< hAJWQIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENVW/hMWyhpWQ5gP+wVo jZ/srZtzjKwPu5xTzSfcFFvHWRW3mp6jogRC5qzw7ZcQ0v4FQCRvF 4AZfDpjDr8B f2PKreCELTzQ0P4ZQs1qdVsrEDJYuDh380lrmS9U0vgXw7JvBI/61NopoThQ5TKf 9ldCxEkQsPd4NFlR/6m6TxoO9POPH1kXHn10kkD0IrXMKDTg3OMrnf/FTvAhqjNB j9HuQgnae3y//We+J7zi+xvLo24aig7VZ3CDvQ8lGchHFBkgxxNulb8xN3HzOWG j KE+wwFDEiAL5D7mP7WG0baXsOhHfTuxXf1gvYfZ0U6nWSY5j0F H8MHt7mMK76qOc MMBwqyVJuv2TZfaZMEuwwHMWcDw5kAMS2h1llcqrb8ANKG7vfh rcyuE7yHDnMhCf ueszjwZoRGPJb6HUxgTnEWx7GcVqpOWhOVJoCyuglTfK1WUzYs lLjqbOFcILhJKm PRR1Matku0ab/Z1uuWmX0tLsS9H35UImFSbkB3RhQhFFNSj1U975j4chJLmQeWd W Z5tMFB7/arD+jSVSzZITbzBLHHhSloILU7eL2X9HaY87kTSVTYMGMiRFTy dwBLmE 0qY2W5m4xhF5RLoH9EtS82gu+5/AkSwgJfDR7G/3Zl250IbUakE+niovb8Cj1IFD CZ4sRKbFMuJgbBG3IEq1gABoE1JNHcYZR3Q9tWMK
=+MTe
-----END PGP PUBLIC KEY BLOCK-----

--
View this message in context: http://old.nabble.com/Equivalent-segments-between-different-Fedora---RPM-Fusion-ASCII-armored-key-blocks-tp26566574p26566574.html
Sent from the GnuPG - User mailing list archive at Nabble.com.
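The armored text is only a base64 rendering of the key's binary OpenPGP packets (RFC 4880), three bytes per four characters, so wherever two keys carry the same bytes at the same alignment the armor characters coincide as well. The following Python script is an added example, not part of the original post, and decodes the fragments the post highlights (the spaces and the >>>>> / <<<<< markers inside them are assumed to be archive formatting and are stripped). It walks the packets to show what the shared regions are: the first is the user ID packet "Fedora (1x) <fedora@fedoraproject.org>" followed by the fixed header of its self-signature, the second is the run of preference subpackets GnuPG 1.4 writes by default into every self-signature. It also reads the two values rpm combines into the package name: the low 32 bits of the key ID and the key packet's creation timestamp (the naming rule, gpg-pubkey-<key ID low 32 bits>-<creation time in hex>, is stated from my own knowledge of rpm, not from the post). The constant and function names are mine; the key ID is read from the self-signature's issuer subpacket rather than computed from the fingerprint because the fragments do not contain the whole key packet.

```python
"""Walk the OpenPGP packets inside fragments of the armored key blocks quoted above.

Added example, not part of the original message. The base64 fragments are copied
from the post's key blocks with the archive's spaces and >>>>> / <<<<< markers
removed (assumed to be formatting). Packet headers are the old format of
RFC 4880 section 4.2.1, which is what GnuPG 1.4 emits for these keys.
"""
import base64

# Start of each public-key packet: the first 15 armor characters of each block.
FEDORA12_KEY_START = "mQINBEpvl68BEAD"
FEDORA11_KEY_START = "mQINBEl1CHEBEAC"
RPMFUSION_KEY_START = "mQINBEoQCVkBEAC"

# User ID packet plus the start of its self-signature: the highlighted regions.
FEDORA12_UID_SIG = (
    "tCZGZWRvcmEgKDEyKSA8ZmVkb3JhQGZlZG9yYXByb2plY3Qub3JnPokCNgQTAQIAIAUCS"
    "m+XrwIbDwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEJ0cw0hXu8y6N2QP"
)
FEDORA11_UID_SIG = (
    "tCZGZWRvcmEgKDExKSA8ZmVkb3JhQGZlZG9yYXByb2plY3Qub3JnPokCNgQTAQIAIAUCS"
    "e4UCQIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEB3Fx1jSLnfygm0P"
)
RPMFUSION_UID_SIG = (
    "tFNSUE0gRnVzaW9uIGZyZWUgcmVwb3NpdG9yeSBmb3IgRmVkb3JhICgxMikgPHJw"
    "bWZ1c2lvbi1idWlsZHN5c0BsaXN0cy5ycG1mdXNpb24ub3JnPokCNgQTAQIAIAUCS"
    "hAJWQIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENVW/hMWyhpWQ5gP"
)

SUBPACKET_NAMES = {2: "creation time", 11: "preferred symmetric", 16: "issuer",
                   21: "preferred hash", 22: "preferred compression",
                   23: "key server prefs", 27: "key flags", 30: "features"}


def decode_fragment(text: str) -> bytes:
    """Base64-decode a fragment that need not end on a 4-character boundary."""
    text = "".join(text.split())
    if len(text) % 4 == 1:          # a lone trailing character holds no whole byte
        text = text[:-1]
    return base64.b64decode(text + "=" * (-len(text) % 4))


def parse_packets(data: bytes):
    """Split old-format packets into (tag, declared length, body); the last
    body may be shorter than declared because the fragment stops early."""
    packets, pos = [], 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80 or ctb & 0x40:
            raise ValueError("expected an old-format OpenPGP packet header")
        tag, length_type = (ctb >> 2) & 0x0F, ctb & 0x03
        if length_type == 3:
            raise ValueError("indeterminate-length packet not supported")
        nlen = (1, 2, 4)[length_type]
        length = int.from_bytes(data[pos + 1:pos + 1 + nlen], "big")
        packets.append((tag, length, data[pos + 1 + nlen:pos + 1 + nlen + length]))
        pos += 1 + nlen + length
    return packets


def parse_public_key(body: bytes) -> dict:
    """Fixed part of a v4 public-key packet plus the first MPI's bit length."""
    return {"version": body[0], "created": int.from_bytes(body[1:5], "big"),
            "algorithm": body[5],  # 1 = RSA
            "first_mpi_bits": int.from_bytes(body[6:8], "big")}


def parse_subpackets(area: bytes):
    subs, pos = [], 0
    while pos < len(area):
        first = area[pos]
        if first < 192:
            length, pos = first, pos + 1
        elif first < 255:
            length, pos = ((first - 192) << 8) + area[pos + 1] + 192, pos + 2
        else:
            length, pos = int.from_bytes(area[pos + 1:pos + 5], "big"), pos + 5
        subs.append((area[pos] & 0x7F, area[pos + 1:pos + length]))  # bit 7 = critical
        pos += length
    return subs


def parse_signature(body: bytes) -> dict:
    """Header and subpacket areas of a v4 signature; the MPIs are not needed."""
    if body[0] != 4:
        raise ValueError("only v4 signatures handled")
    hashed_len = int.from_bytes(body[4:6], "big")
    hashed = parse_subpackets(body[6:6 + hashed_len])
    pos = 6 + hashed_len
    unhashed_len = int.from_bytes(body[pos:pos + 2], "big")
    unhashed = parse_subpackets(body[pos + 2:pos + 2 + unhashed_len])
    info = {"sig_type": body[1], "pk_algorithm": body[2], "hash_algorithm": body[3]}
    for sub_type, value in hashed + unhashed:
        if sub_type == 2:
            info["created"] = int.from_bytes(value, "big")
        elif sub_type == 16:
            info["issuer"] = value.hex().upper()
        elif sub_type == 27:
            info["key_flags"] = value[0]
    # The hashed subpackets that are not specific to one key: GnuPG's defaults.
    info["preferences"] = [(SUBPACKET_NAMES.get(t, t), v.hex())
                           for t, v in hashed if t not in (2, 27)]
    return info


def describe(uid_sig_fragment: str) -> dict:
    uid_packet, sig_packet = parse_packets(decode_fragment(uid_sig_fragment))[:2]
    if uid_packet[0] != 13 or sig_packet[0] != 2:
        raise ValueError("expected a user ID packet followed by a signature")
    info = parse_signature(sig_packet[2])
    info["user_id"] = uid_packet[2].decode()
    return info


def rpm_pubkey_name(key_start: str, uid_sig: str) -> str:
    """gpg-pubkey-<low 32 bits of key ID>-<key creation time>, as rpm names it."""
    key = parse_public_key(parse_packets(decode_fragment(key_start))[0][2])
    return f"gpg-pubkey-{describe(uid_sig)['issuer'][-8:].lower()}-{key['created']:08x}"


if __name__ == "__main__":
    for name, start, uid_sig in (("Fedora 12", FEDORA12_KEY_START, FEDORA12_UID_SIG),
                                 ("Fedora 11", FEDORA11_KEY_START, FEDORA11_UID_SIG),
                                 ("RPM Fusion", RPMFUSION_KEY_START, RPMFUSION_UID_SIG)):
        key = parse_public_key(parse_packets(decode_fragment(start))[0][2])
        info = describe(uid_sig)
        print(name, hex(key["created"]), key["first_mpi_bits"], "bit, alg", key["algorithm"])
        print("  user ID:", info["user_id"], " issuer:", info["issuer"])
        print("  self-sig:", hex(info["created"]), " key flags:", hex(info["key_flags"]))
        print("  preferences:", info["preferences"])
        print("  rpm name:", rpm_pubkey_name(start, uid_sig))
```

Running it reproduces both names from the post's rpm -qa output from the key material alone, and prints identical preference lists for all three keys; the only per-key bytes between the two highlighted regions are the signature creation time and the key-flags value, which is why the shared run begins one armor character later in the Fedora 12 block than the key-flags subpacket does. The Fedora 11 fragment also shows that a self-signature's creation time need not equal the key packet's, so the timestamp in the rpm name must be read from the key packet.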
