decryption failed: weak key
Michael Roth
mroth at nessie.de
Fri Oct 1 13:52:55 CEST 2004
Hasnain Mujtaba wrote:
| I saw this message when decrypting a file encrypted with a 1536
| ElGamal key, 3DES symmetric cipher:
A "weak key" is a special DES property. In DES there are 64 known weak
keys. I think Blowfish has weak keys too.
| gpg: WARNING: message was encrypted with a weak key in the symmetric
| cipher.
| gpg: decryption failed: weak key.
|
| Looks like GPG is checking for randomness property of the session key
| after decrypting it out of the Public-key Encrypted Session key
| packet. Correct?
No. If you take a look in g10/des.c you will find a table containing all
64 known weak keys (search for "weak_key"). If gnupg creates a session
key, it omits weak keys (take a look in g10/seskey.c, make_session_key).
So I guess the message was not encrypted using gnupg? Would be nice to
know which programm created the weak session key.
Please also note: 3DES keys consist effectivly of 3 different DES keys,
but GnuPG complains about weak keys if at least one of these three parts
is a weak key.
cu
Michael Roth
More information about the Gnupg-users
mailing list