Problem with Key Protection
Bob Mathews
bobmath@earthlink.net
Sat Nov 16 14:22:01 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 15 November 2002 05:56, Daniel Luebke wrote:
> gpg: Protection algorithm 254 is not supported
> gpg: signature failed: Unknown encryption algorithm
>=20
> Does anyone has a solution for that?
Algorithm 254 is used with the new SHA-1 protected secret key format, whi=
ch=20
was introduced in gpg 1.0.7. To turn it off for compatibility with 1.0.6,=
use=20
- --simple-sk-checksum when generating the key or changing the passphrase=
=2E
The new format is meant to defend against the vulnerability described her=
e:
http://www.i.cz/en/onas/tisk4.html
Is this a really big issue? Probably not. Anyone who can modify your secr=
et=20
key ring on disk can probably also trojan your copy of gpg and steal your=
key=20
that way. Better safe than sorry, though.
-bob mathews
-----BEGIN PGP SIGNATURE-----
iD8DBQE91kcwPgDecCrBEpcRApwzAJ97IsA+qqw+7hE5ncdtBy/Rj0ImswCfR/Kw
wm/3CA1eWTsCef7XdZU5fGg=3D
=3D5Q4I
-----END PGP SIGNATURE-----