decryption failed: weak key
Hasnain Mujtaba
hmujtaba at forumsys.com
Fri Oct 1 20:40:58 CEST 2004
Hi Michael,
Thank you for the detailed reply. I am just playing around with an open
source OpenPGP implementation. I was debugging a problem with ElGamal
encryption and to rule out entropy problems, I hard-coded the 192-bit
session key with a fixed string of ones instead of reading it from
/dev/random. Interestingly, only GPG catches the weak key, not any of
the other tools I fed the encrypted file to.
Regards,
Hasnain.
-----Original Message-----
From: Michael Roth [mailto:mroth at nessie.de]
Sent: Friday, October 01, 2004 7:53 AM
To: Hasnain Mujtaba
Cc: gnupg-users at gnupg.org
Subject: Re: decryption failed: weak key
Hasnain Mujtaba wrote:
| I saw this message when decrypting a file encrypted with a 1536
| ElGamal key, 3DES symmetric cipher:
A "weak key" is a special DES property. In DES there are 64 known weak
keys. I think Blowfish has weak keys too.
| gpg: WARNING: message was encrypted with a weak key in the symmetric
| cipher.
| gpg: decryption failed: weak key.
|
| Looks like GPG is checking for randomness property of the session key
| after decrypting it out of the Public-key Encrypted Session key
| packet. Correct?
No. If you take a look in g10/des.c you will find a table containing all
64 known weak keys (search for "weak_key"). If gnupg creates a session
key, it omits weak keys (take a look in g10/seskey.c, make_session_key).
So I guess the message was not encrypted using gnupg? Would be nice to
know which programm created the weak session key.
Please also note: 3DES keys consist effectivly of 3 different DES keys,
but GnuPG complains about weak keys if at least one of these three parts
is a weak key.
cu
Michael Roth
More information about the Gnupg-users
mailing list