bad encrypted session key (bug report?)

Mike Ashley jashley at
Thu Apr 15 04:23:43 CEST 1999


I have a keypair generated using GPG but am having trouble communicating
with a PGP 6.0 user.  I'm able to duplicate the problem at will.

Assuming I am Bob and am communicating with Alice, here is the scenario.
I encrypt a message to Alice and myself.  While I can decrypt the result,
Alice cannot.  The error she gets from PGP 6.0 is "encrypted session
key is bad".

I've tried to narrow down the problem and have discovered that the
problem is my particular GPG key mixed with any PGP (6.0) key.
For example,

  1) if I do not encrypt to myself, then Alice can decrypt the message,
  2) if I generate a different GPG key and encrypt a message to both
     myself and Alice, Alice can decrypt the result, 
  3) I can encrypt to myself and another GPG user, and the GPG user can 
     decrypt, and
  4) if I change Alice's key, I still cannot communicate with her.

I believe I generated the key using GPG 0.9.4 but it might have been
0.9.3.  If it would be helpful, I can send along an encrypted test message
and both mine and Alice's public keys.  I could send along my secret
key too if necessary since it looks like this key is broken regardless.


More information about the Gnupg-devel mailing list