Does GNUPG have the PGP ADK weakness?

Huels, Ralf KSV
28 Aug 2000 14:17:14 +0200

> HRK> However, the fact remains that "broken" PGP (or other s/w) versions
> HRK> are going to remain out there. I think it's ok to point out that
> HRK> PGP (< 6.5.8) users are not safe from the bug when encrypting to
> GnuPG
> HRK> users.
> Certainly, but it's not OK to say that GnuPG is also affected and people
> shouldn't be using it anymore. But that is what Ralf S. did ..
Umm. Not exactly:
| So if you want to get rid of ADKs as much as possible, you are well
| advised to use PGP-Classic, PGP-2.6.x, the only PGP which guarantees
| that only Version-3-signatures are made and which rejects DH-keys and
| RSA-keys in Version-4-format.
| You should use GnuPG as an analysis-tool to check which packets a key
| or cryptogram consists of. And you can use newer PGP versions or GnuPG
| to check the validity of signatures on messages which have been made
| with V4-keys by others.
Ralf says that people who want to make sure should avoid v4 sigs. The safest way to do that is to use software that only uses v3 sigs. In fact he recommends GnuPG as an analysis tool.

I do think, however, that Ralf's criticism of the CERT advisory (as quoted in suffers from some of the same misunderstandings that have troubled the entire debate. The way I understand the advisory, they perceive only the actual _use_ of illicit ADKs as the problem, while Ralf takes the mere fact that keys can be modified as the problem. For instance CERT calls keys that don't have ADKs when added to the key ring "not vulnerable" (presumably because they obviously don't have an illicit ADK), while Ralf disagrees (because ADKs might be added later). I guess it all depends on whether you emphasize the key itself or the software that uses it. I think in that respect Ralf's criticism is too harsh. If all software products used only hashed parts of the key, there wouldn't be a problem.
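The distinction the thread keeps circling back to, hashed versus unhashed subpackets of a v4 signature, is easy to see once the packet is laid out byte by byte. The following is an added example written for this archive page, not code from the post, from PGP or from GnuPG. It parses the subpacket areas of a v4 signature packet body (the RFC 2440/4880 layout: version, type, algorithms, a length-prefixed hashed area and a length-prefixed unhashed area) and flags any ADK subpacket that sits only in the unhashed area, which is exactly the part a signature does not protect and which anyone can append after the fact. It assumes subpacket type 10 is PGP's ADK subpacket (RFC 4880 only reserves that number as a backward-compatibility placeholder), and the sample packet, key ID and fingerprint bytes are constructed for the demonstration.

```python
import struct
from dataclasses import dataclass

# Assumed: PGP used subpacket type 10 for "Additional Decryption Key";
# RFC 4880 reserves it as a placeholder. Treated as ADK here.
ADK_SUBPACKET_TYPE = 10
SUBPACKET_NAMES = {2: "signature creation time", 10: "additional decryption key",
                   16: "issuer key id", 27: "key flags"}


@dataclass
class Subpacket:
    area: str      # "hashed" (covered by the signature) or "unhashed" (not covered)
    type_id: int
    body: bytes

    def name(self):
        return SUBPACKET_NAMES.get(self.type_id, "unknown type %d" % self.type_id)


def _read_subpacket_length(data, pos):
    """RFC 4880 subpacket length: 1, 2 or 5 octets."""
    first = data[pos]
    if first < 192:
        return first, pos + 1
    if first < 255:
        return ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
    return struct.unpack(">I", data[pos + 1:pos + 5])[0], pos + 5


def _parse_subpacket_area(data, pos, area):
    """Parse one area: 2-octet total length, then subpackets (length, type, body)."""
    count = struct.unpack(">H", data[pos:pos + 2])[0]
    pos += 2
    end = pos + count
    out = []
    while pos < end:
        length, pos = _read_subpacket_length(data, pos)
        type_id = data[pos] & 0x7F          # high bit is the "critical" flag
        body = data[pos + 1:pos + length]   # length counts the type octet too
        out.append(Subpacket(area, type_id, body))
        pos += length
    if pos != end:
        raise ValueError("subpacket area overran its declared length")
    return out, pos


def parse_v4_signature(body):
    """Return the header fields and all subpackets of a v4 signature packet body."""
    if body[0] != 4:
        raise ValueError("only version 4 signature packets are handled")
    hashed, pos = _parse_subpacket_area(body, 4, "hashed")
    unhashed, pos = _parse_subpacket_area(body, pos, "unhashed")
    return {"sig_type": body[1], "pk_algo": body[2], "hash_algo": body[3],
            "subpackets": hashed + unhashed}


def trusted_subpackets(sig):
    """What a careful implementation should act on: the hashed area only."""
    return [sp for sp in sig["subpackets"] if sp.area == "hashed"]


def find_untrusted_adks(sig):
    """ADK subpackets in the unhashed area: not signed, so anyone could have added them."""
    return [sp for sp in sig["subpackets"]
            if sp.type_id == ADK_SUBPACKET_TYPE and sp.area == "unhashed"]


# --- constructed sample input -------------------------------------------------
def _subpacket(type_id, body):
    assert len(body) + 1 < 192          # one-octet length form is enough here
    return bytes([len(body) + 1, type_id]) + body


def build_sample_signature():
    """A constructed v4 self-signature body with an ADK smuggled into the unhashed area."""
    hashed = _subpacket(2, struct.pack(">I", 967467434)) + _subpacket(27, b"\x03")
    adk_body = b"\x80\x01" + b"\x11" * 20          # class, algo, placeholder fingerprint
    unhashed = (_subpacket(16, b"\x01\x23\x45\x67\x89\xab\xcd\xef")   # constructed key id
                + _subpacket(ADK_SUBPACKET_TYPE, adk_body))
    return (bytes([4, 0x13, 1, 2])                  # v4, positive cert, RSA, SHA-1
            + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed
            + b"\x12\x34" + b"\x00\x08\xab")        # hash prefix + a dummy MPI


if __name__ == "__main__":
    sig = parse_v4_signature(build_sample_signature())
    for sp in sig["subpackets"]:
        print("%-8s %s" % (sp.area, sp.name()))
    for sp in find_untrusted_adks(sig):
        print("WARNING: ADK in unhashed area, fingerprint", sp.body[2:].hex())
```

Run on the sample, the parser lists two hashed subpackets (creation time, key flags) and two unhashed ones (issuer, ADK), and the warning fires for the ADK. A PGP version that honoured that subpacket would encrypt to the extra key; an implementation that consults only `trusted_subpackets` never sees it, which is the point made at the end of the post.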