Security glitch with 3DES and -c (was: bug?: gpg 1.0 symmetric crypto 3DES problems with PGP 5.0/6.5.1)

Michael Roth mroth at
Fri Oct 1 03:14:12 CEST 1999

On Thu, 30 Sep 1999, Werner Koch wrote:

> Now the question is what to do to allow old symmetric only encrypted
> messages to be decrypted.  Should I add an --emulate-3des-s2k-bug ?

Puh... And I thought it could be a bug in 3des code intodruced by me... 

Hmm. Yes. But what about that GnuPG tries using both decryption modes?
First the correct one and if that fails tries with the old s2k-bug?
An option is IMHO not a good idea, but is the easier one, I know.


More information about the Gnupg-devel mailing list