CRC error

Bob (Robert) Cavanaugh robertc at broadcom.com
Mon Jul 28 20:42:29 CEST 2014 

Pedro,
Do not use a CRC as a security measure, it is very easy to spoof. CRC is only used as an indication of data integrity, not of data security. That is why SHA was developed, to provide a secure method of detecting attempted tampering of a data set.

Thanks,
Bob Cavanaugh

From: Gnupg-users [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of pedro.markov at ml1.net
Sent: Monday, July 28, 2014 10:54 AM
To: gnupg-users at gnupg.org
Subject: Re: CRC error


Thanks for the answers about the CRC error, i found what i needed, but it
took me now to other questions. Actually i got the CRC error when i modified
some strings of a public key and then i tried to import it.

I told to my self that it would be interesting as securing method to sign
stuff with a private key "with out having the public key". this would mean that only
the person who has public key would have access to the data with out needing
a password.

(and the person with the private key too i think, it would be great if only the person
with the public key can decrypt the data, maybe there is one option, i'll check for that.)

So why i was asking about the CRC error?

Well, i was thinking that storing such Public key would be insecure. but storing
a modified public key would be good. If the CRC error doesn't indicates where
there problem is, only the person who knows how to re-build the public key
would have access to the data.



To become this method secure,the public key should not be stored in the key
ring so people can not export it ( in case the computer get compromised )

when i was testing this method, i removed the keys from my keyring, and then
i imported only the secret key. For my surprise there was also the public key.
Is there anyway to only import the secret key?

Thanks again,
Pedro markov

On 27/07/14 23:51, pedro.markov at ml1.net<mailto:pedro.markov at ml1.net> wrote:

Hi,

I'm a new user to the GPG world, and i haven't find information about the "CRC" error when

importing a key.



What does CRC means?



When importing a corrupted key the following message apears:



gpg: CRC error; 9BAD9F - 00F1D7

gpg: read_block: read error: invalid keyring

gpg: import from `key' failed: invalid keyring

gpg: Total number processed: 0



I would like to know what does 9BAD9F - 00F1D7 means. Is is possible to fix a corrupted key?

Is is possible to know wich line of a corrupted key is wrong?



Thanks!!









_______________________________________________

Gnupg-users mailing list

Gnupg-users at gnupg.org<mailto:Gnupg-users at gnupg.org>

http://lists.gnupg.org/mailman/listinfo/gnupg-users





-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140728/837f2902/attachment-0001.html>

More information about the Gnupg-users mailing list