decryption failed: weak key
David Shaw
dshaw at jabberwocky.com
Sat Oct 9 00:11:38 CEST 2004
On Fri, Oct 01, 2004 at 07:24:28PM +0200, Johan Wevers wrote:
> Michael Roth wrote:
>
> >No. If you take a look in g10/des.c you will find a table containing all
> >64 known weak keys (search for "weak_key"). If gnupg creates a session
> >key, it omits weak keys (take a look in g10/seskey.c, make_session_key).
>
> I can understand that it doesn't encrypt to them, but why would it not
> decrypt with them? I can't see any security risk in that.
1.4 will give a warning, but allow you to decrypt even with a weak
key. As you say, there is no risk in decryption.
David
More information about the Gnupg-users
mailing list