gnupg-0.3.4 and pgp-2.6.3i interaction

Werner Koch wk at isil.d.shuttle.de
Sat Sep 12 10:59:26 CEST 1998


Michael Roth <mroth at nessie.de> writes:

>     IMHO gnupg should auto detected the extension IDEA and use MD5 by
>     default.

I don't know from where you have idea ;) - Do you have a licence from
Ascom to use it, or are you only doing research :-)

I will never add (direct) support for an patented algorithm; RSA is an
exception as it is only patented in the U.S.  There is no need for
IDEA - if you need encryption use GNUPG or PGP 5 (w/0 IDEA)

>     Of course depending on specific extensions in the main programm
>     isn't a good thing at all, but in this special case I think it's

Not for this case (IDEA).  

> 2.) When I encrypt a file using gnupg with the command line: 
>     "gpg --load-extension idea  --cipher-algo idea --digest-algo md5 -c FILE"
>     PGP can read this file but not decrypt. I only get a "Bad pass phrase"
>     error. :-(

You should add --rfc1991, so that gnupg does not generate salted
passphrases [does the option really work in this case].

S2K identifiers are an OpenPGP extension and available in PGP2.  They
are useful to make dictionary attacks more time consuming.

> 3.) It looks like that the gnupg option '--list-packets' is really broken.
>     In the near future I will make further investigations on this problem.

It is not really broken, but it can only list packtes which gnupg
knows how to process.  It is more than dump of the packets:  You
are able to see the structure of encrypted packets (if you have the
secret key/passphrase).

It is on my TODO list to make it more useful.  Note, that you can use
"-vv" in most cases to get a raw dump of the packets as thea are
parsed.

> P.S.:   Where can I find OpenPGP draft/standard/faq/information?

Its called  draft-ietf-openpgp-formats-07.txt and available at:

   To view the entire list of current Internet-Drafts, please check the
   "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
   Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern
   Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific
   Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast).


Werner





More information about the Gnupg-devel mailing list