1.4.3 problem with decrypting pgp2.6.3 symmetrically encrypted (Johan Wevers)

vedaal at hush.com vedaal at hush.com
Mon May 29 08:36:52 CEST 2006

>Message: 3
>Date: Sat, 27 May 2006 15:02:45 +0200 (MET DST)
>From: Johan Wevers <johanw at vulcan.xs4all.nl>
>Subject: Re: 1.4.3 problem with decrypting pgp2.6.3 symmetrically
>	encrypted

>vedaal at hush.com wrote:
>>symmetrically encrypted message when the cipher algo is set to 
>>anything else besides IDEA in Disastry's version, 
>>and 1.4.3 also cannot, and 'assumes' IDEA is used, and upon 
>I'll try to test this. You'll have to explicitly state the 
>encryption algo
>used since the pgp 2 file format doesn't specify it anywhere (and 
>just IDEA).
>>here is the symmetrically encrypted file using IDEA:
>I have no problems decrypting it with gpg (self compiled version 
>on Linux).

ok, Thanks!
this is very helpful,

then the problem is not gnupg, 
only me ;-)
(much easier for me to try to debug my setup ;-) )

>Perhaps the Cygwin version is the problem?

tested on cygwin, 
and also from gnupg mingw32 pre-compiled binary 
at the windows command prompt

results identical,
but *did* find, and workaround the problem

the problem was 
that my gpg.conf had these options:

cipher-algo twofish
digest-algo SHA256
s2k-cipher-algo twofish
s2k-digest-algo SHA256

( i put them in because i didn't want new keys to be self-signed 
sha-1, and because i prefer twofish)

once these were # commented out,
the file decrypted perfectly with the following gnupg command:

gpg --pgp2 --decrypt filename


when Disastry's build is configured intentionally to used twofish 
and sha-256
then there is nothing i can tweak in gnupg to get it to decrypt ;-((

here is the file:

Version: 2.6.3ia-multi06
comment: (symmetric encryption, twofish) (passphrase: s)


the pgp command to generate this was:

pgp -cat filename -jtju

if anyone has any ideas on how to decrypt this in gnupg,
please post,

( i don't consider this a 'problem' in gnupg,
and, fwiw, 
it doesn't decrypt in pgp 9 either, or even in ckt builds,

pgp 2.x users are quite happy to communicate only with 
other pgp 2.x users
and don't really need gnupg to try to cover all possiblities to 
remain compatible
(although it *is* compatible with 'ordinary' (classic) pgp 2.x
as long as the above listed option types are not used during 
decryption attempts,)

it is also of some interest ;-)
that users of Disastry's version
may have found a simple way to communicate symmetrically,
so that even if someone 'overhears' the passphrase,
they will still be unable to decrypt unless they use Disastry's 
and will more likely think,
that they were 'misled' into thinking they had the correct 
passphrase ...


Concerned about your privacy? Instantly send FREE secure email, no account required

Get the best prices on SSL certificates from Hushmail

More information about the Gnupg-users mailing list