CRC error

pedro.markov at pedro.markov at
Tue Jul 29 22:03:16 CEST 2014

¯¯\\---/¯¯ ßå-ßå-ßå-ßî$ÞÎN!
On 07/29/2014 08:47 PM, pedro.markov at wrote:
> On 07/29/2014 07:02 PM, Peter Lebbing wrote:
>> On 28/07/14 23:35, pedro.markov at wrote:
>>> 4) Damage my private key.  (Ex: inverse X and X line, Replace X and X
>>> characters, etc.)
>> This is a really, really bad idea. Please don't invent your own crypto.
>> For instance, I only need one seventh of your secret RSA key to fully
>> reconstruct it using the public key I also have! Looky here at an RSA
>> private key{1}:
>> :secret key packet:
>>          version 4, algo 1, created 1300458324, expires 0
>>          skey[0]: [2048 bits]
>>          skey[1]: [17 bits]
>>          skey[2]: [2046 bits]
>>          skey[3]: [1024 bits]
>>          skey[4]: [1024 bits]
>>          skey[5]: [1024 bits]
>> I myself can reconstruct your private key if I either have skey[3] or
>> skey[4]. I can decrypt your messages if I just have skey[2]. And I think
>> someone who actually knows his stuff can do it with skey[5]; I might be
>> able too if I read up on the Chinese Remainder Theorem{2}.
>> And I can see whether it worked or not, so I can just take the one you
>> didn't damage.
>> Again: give me your public key and the 1024 bits of skey[3] and I can
>> compute your private key. Using only a seventh of the whole secret key
>> packet. And this "secret key packet" isn't even the full secret key that
>> you are wilfully damaging; there are even more packets in there,
>> including completely harmless ones that won't bother an attacker the
>> slightest bit. You might make the attacker laugh, though.
>> Don't be creative! You need either a good passphrase or good physical
>> protection or both, not some mangling of data.
> I wasn't aware of this, thanks for the info!
> ("i made good" to ask here before doing creative stuff.. haha )
>>> Pedro Markov,
>>> or not?~
>> Oh, the suspense! Are you Pedro, .... or not? Tadadadaaaaa..... ;)
>> Oh, I see it. The ~ is a logical not, so it's a double inverse, so
>> either you're Pedro or you converted Pedro to a boolean, depending on
>> whether you ask a logician or a C programmer...
> This one  was funny!, should i respond or let the suspense? xD
> I 13iu1ccy 81i5 c, 9 ausi 4o uyi8on uro7r1mm9n7 1n4 21s8 so i85 
> 3omm5ni w1s 6unny :)
> T89s 19n'i my r51c n1m5, 9 ausi 4on'i c9b5 my n1m5 1n4 5m19c io 25 
> uu2c9s8 ov5r i85
> uu2c93 9ni5rn5i 2531us5 i85 m19c9n7 c9sis :)
>> HTH,
>> Peter.
>> {1} To reproduce: make a test key that you don't password protect.
>> Suppose the key ID of your test key is AB1256CD34, enter the following:
>> $ gpg2 --export-secret-key AB1256CD34 | gpg2 --list-packets
>> But first understand what that command does, because you shouldn't type
>> in commands that strangers tell you to type in.
>> {2} For context for people who know what I'm talking about but don't
>> know the order of components by heart, the 5 MPI's are, in order: n, e,
>> d, p, q and u (u = p^-1 mod q).
> I'll really check this its seems pretty interesting

More information about the Gnupg-users mailing list