decryption failed: weak key

Hasnain Mujtaba hmujtaba at forumsys.com
Fri Oct 8 18:11:43 CEST 2004 

Hi Michael,

I am working with Cryptix OpenPGP provider. I ran into a problem where
after 10,000 iterations the encryption code would start producing faulty
PGP PublicKeyEncryptedSessionKey packets (I was using ElGamal/3DES).
When I would try to decrypt the packets with GPG, I would see the error:

gpg: public key decryption failed: wrong secret key used
gpg: decryption failed: secret key not available.

I suspected that they system was running out of entropy, perhaps. To
rule out that possibility, I started hard-coding the session key using
an array of all 0xFFs. Then, GPG would started throwing the message:

gpg: WARNING: message was encrypted with a weak key in the symmetric
cipher.
gpg: decryption failed: weak key.

So that's how it happened. Not because Cryptix OpenPGP was buggy, but
because of my hard-coded debug values. 

I hope this answers your question.

Regards
Hasnain.

-----Original Message-----
From: Michael Roth [mailto:mroth at nessie.de] 
Sent: Friday, October 01, 2004 7:53 AM
To: Hasnain Mujtaba
Cc: gnupg-users at gnupg.org
Subject: Re: decryption failed: weak key


Hasnain Mujtaba wrote:

| I saw this message when decrypting a file encrypted with a 1536
| ElGamal key, 3DES symmetric cipher:

A "weak key" is a special DES property. In DES there are 64 known weak
keys. I think Blowfish has weak keys too.


| gpg: WARNING: message was encrypted with a weak key in the symmetric
| cipher.
| gpg: decryption failed: weak key.
|
| Looks like GPG is checking for randomness property of the session key
| after decrypting it out of the Public-key Encrypted Session key
| packet. Correct?

No. If you take a look in g10/des.c you will find a table containing all
64 known weak keys (search for "weak_key"). If gnupg creates a session
key, it omits weak keys (take a look in g10/seskey.c, make_session_key).

So I guess the message was not encrypted using gnupg? Would be nice to
know which programm created the weak session key.

Please also note: 3DES keys consist effectivly of 3 different DES keys,
but GnuPG complains about weak keys if at least one of these three parts
is a weak key.


cu

Michael Roth

More information about the Gnupg-users mailing list