weak key used for an Initial Vector
Denis Corbin
dar.linux at free.fr
Wed Aug 12 22:37:24 CEST 2015
Hi,
for what I understand from libgcrypt source code, when
gcry_cipher_setkey() returns GPG_ERR_WEAK_KEY , it is rather a warning
than an error, the handle is operational for ciphering/deciphering. Am
I right? If so is this behavior expected to change in the future?
Another point: what is the use for gcry_cipher_get_algo_keylen()? No
error occurs when one gives a larger key than the value returned for
the corresponding algorithm: it seems the key bytes are XOR modulo the
key length at least for blowfish. Is there any advantage in terms of
cryptographic strength to use a key larger than the reported
gcry_cipher_get_algo_keylen()?
Thanks for any help,
Best Regards,
Denis Corbin.
Le 08/08/2015 15:46, Denis Corbin a écrit :
> On 07/08/2015 09:08, Werner Koch wrote:
>> On Thu, 6 Aug 2015 22:33, dar.linux at free.fr said:
>
> Hello,
>
>>
>>> I've found googling that it was possible to disable the weak
>>> key warning thanks to the PRIV_CTL_DISABLE_WEAK_KEY value given
>>> to gcry_cipher_ctl()
>>
>> No, that is not possible. This symbol is private to libgcrypt;
>> it is not defined as part of the public API and thus also not in
>> gcrypt.h.
>
> OK. How then to decipher very old data encrypted more than 10
> years ago at which time the error about weak key was not issued?
>
> Regards, Denis.
>
More information about the Gcrypt-devel
mailing list