CRC error

Peter Lebbing peter at digitalbrains.com
Tue Jul 29 19:02:59 CEST 2014


On 28/07/14 23:35, pedro.markov at ml1.net wrote:
> 4) Damage my private key.  (Ex: inverse X and X line, Replace X and X
> characters, etc.)

This is a really, really bad idea. Please don't invent your own crypto.

For instance, I only need one seventh of your secret RSA key to fully
reconstruct it using the public key I also have! Looky here at an RSA
private key{1}:

:secret key packet:
        version 4, algo 1, created 1300458324, expires 0
        skey[0]: [2048 bits]
        skey[1]: [17 bits]
        skey[2]: [2046 bits]
        skey[3]: [1024 bits]
        skey[4]: [1024 bits]
        skey[5]: [1024 bits]

I myself can reconstruct your private key if I either have skey[3] or
skey[4]. I can decrypt your messages if I just have skey[2]. And I think
someone who actually knows his stuff can do it with skey[5]; I might be
able to if I read up on the Chinese Remainder Theorem{2}.

And I can see whether it worked or not, so I can just take the one you
didn't damage.

Again: give me your public key and the 1024 bits of skey[3] and I can
compute your private key. Using only a seventh of the whole secret key
packet. And this "secret key packet" isn't even the full secret key that
you are wilfully damaging; there are even more packets in there,
including completely harmless ones that won't bother an attacker the
slightest bit. You might make the attacker laugh, though.

Don't be creative! You need either a good passphrase or good physical
protection or both, not some mangling of data.

> Pedro Markov,
> or not?~

Oh, the suspense! Are you Pedro, .... or not? Tadadadaaaaa..... ;)

Oh, I see it. The ~ is a logical not, so it's a double inverse, so
either you're Pedro or you converted Pedro to a boolean, depending on
whether you ask a logician or a C programmer...

HTH,

Peter.

{1} To reproduce: make a test key that you don't password protect.
Suppose the key ID of your test key is AB1256CD34, enter the following:

$ gpg2 --export-secret-key AB1256CD34 | gpg2 --list-packets

But first understand what that command does, because you shouldn't type
in commands that strangers tell you to type in.

{2} For context for people who know what I'm talking about but don't
know the order of components by heart, the 5 MPIs are, in order: n, e,
d, p, q and u (u = p^-1 mod q).

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
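
Added example (not part of the original message): the arithmetic behind the claim that one intact prime plus the public key gives back every secret MPI, and how public data alone shows whether a component survived the mangling. The function names and the test key built from two Mersenne primes are constructed for this illustration.

```python
# Illustration only: requires Python 3.8+ for pow(x, -1, m).

def rebuild_from_prime(n, e, prime):
    """Rebuild the secret MPIs d, p, q, u from public (n, e) and one prime factor."""
    if prime <= 1 or prime >= n or n % prime != 0:
        # A mangled prime no longer divides n, so damage is visible at once.
        raise ValueError("not a factor of n: this component was damaged")
    p, q = sorted((prime, n // prime))   # OpenPGP stores the primes with p < q
    # A working private exponent; the stored d may be a different but
    # equivalent value, depending on how the key was generated.
    d = pow(e, -1, (p - 1) * (q - 1))
    u = pow(p, -1, q)                    # u = p^-1 mod q, as in footnote {2}
    return {"d": d, "p": p, "q": q, "u": u}


def exponent_is_intact(n, e, d, probe=2):
    """Check, using public data only, whether a candidate d still undoes e."""
    return pow(pow(probe, e, n), d, n) == probe


def demo():
    # Constructed test key: both primes are Mersenne primes, e is the usual 65537.
    p, q, e = 2**61 - 1, 2**89 - 1, 65537
    n = p * q

    # Suppose only one prime (skey[3] or skey[4]) survived undamaged.
    key = rebuild_from_prime(n, e, q)
    results = {
        "primes_recovered": (key["p"], key["q"]) == (p, q),
        "d_works": exponent_is_intact(n, e, key["d"]),
        # A single flipped bit in d is detected without any secret knowledge.
        "damaged_d_detected": not exponent_is_intact(n, e, key["d"] ^ 1),
    }
    try:
        rebuild_from_prime(n, e, p ^ 1)  # one flipped bit in the other prime
        results["damaged_prime_detected"] = False
    except ValueError:
        results["damaged_prime_detected"] = True
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Every component in the packet is either useless to protect or sufficient on its own, which is why only a passphrase or physical protection changes the outcome.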


