decryption failed: weak key

David Shaw dshaw at
Sat Oct 9 00:11:38 CEST 2004

On Fri, Oct 01, 2004 at 07:24:28PM +0200, Johan Wevers wrote:
> Michael Roth wrote:
> >No. If you take a look in g10/des.c you will find a table containing all
> >64 known weak keys (search for "weak_key"). If gnupg creates a session
> >key, it omits weak keys (take a look in g10/seskey.c, make_session_key).
> I can understand that it doesn't encrypt to them, but why would it not
> decrypt with them? I can't see any security risk in that.

1.4 will give a warning, but allow you to decrypt even with a weak
key.  As you say, there is no risk in decryption.


More information about the Gnupg-users mailing list