getting an encrypted file to show what public key was used

Tanguy Herrmann tanguy.herrmann at
Tue May 29 17:16:09 CEST 2012


The key who has the Short Key ID of F1940956 has the same short Key ID
as :
This is a flaw in the OpenPGP protocol (If I remember right). Short
Key ID are only the last 8 hexadecimal characters of the full
fingerprint. And the flaw make that OpenPGP verify only that short Key
ID instead of the full fingerprint, and that leads to collision of Key
ID even if the keys are differents ...

The easier solution for you would be to create a new key

On Tue, May 29, 2012 at 5:02 PM, Robert J. Hansen <rjh at> wrote:
> On 5/29/12 9:45 AM, Steven Lefevre wrote:
>> gpg: encrypted with 2048-bit ELG-E key, ID F1940956, created 2002-04-25
>>       "Different Public Key <another_key at>"
>> gpg: decryption failed: secret key not available
> Oh, cute.  A short ID collision.  :)  Quaero Corporation's, apparently.
> Short answer: try using gpg -vvvv sensitive-file.gpg.  This will give
> you a large amount of detailed information that might be useful for your
> debugging.
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

More information about the Gnupg-users mailing list