Error using PGP 5 generated key
Werner Koch
wk@gnupg.org
Thu, 28 Oct 1999 09:00:22 +0200
Johan Wevers <johanw@vulcan.xs4all.nl> writes:
> 3072-bit ELG-E key, ID 1B240FEE, created 1999-10-26 (main key ID 624B3B3E)
>
> gpg: this is a PGP generated ElGamal key which is NOT secure for signatures!
You tried to use an encrypt only key for signatures. Keys of type 16
are not usable for signing (Bleichenbacher attack). There is one
exception: Early versions of gpg created keys of type 16 which are
secure for signature - however these keys are in v3 packets and
gpg is the only version which ever used this packets vor ElGamal keys.
> What is going on? Is this key really insecure (and if so, why?), or are
ElGamal (aka DH) keys created by PGP >=5 are only intended for
encryption.
--
Werner Koch at guug.de www.gnupg.org keyid 621CC013