CRC error
pedro.markov at ml1.net
pedro.markov at ml1.net
Tue Jul 29 22:03:16 CEST 2014
¯¯\\---/¯¯ ßå-ßå-ßå-ßî$ÞÎN!
On 07/29/2014 08:47 PM, pedro.markov at ml1.net wrote:
>
> On 07/29/2014 07:02 PM, Peter Lebbing wrote:
>> On 28/07/14 23:35, pedro.markov at ml1.net wrote:
>>> 4) Damage my private key. (Ex: inverse X and X line, Replace X and X
>>> characters, etc.)
>> This is a really, really bad idea. Please don't invent your own crypto.
>>
>> For instance, I only need one seventh of your secret RSA key to fully
>> reconstruct it using the public key I also have! Looky here at an RSA
>> private key{1}:
>>
>> :secret key packet:
>> version 4, algo 1, created 1300458324, expires 0
>> skey[0]: [2048 bits]
>> skey[1]: [17 bits]
>> skey[2]: [2046 bits]
>> skey[3]: [1024 bits]
>> skey[4]: [1024 bits]
>> skey[5]: [1024 bits]
>>
>> I myself can reconstruct your private key if I either have skey[3] or
>> skey[4]. I can decrypt your messages if I just have skey[2]. And I think
>> someone who actually knows his stuff can do it with skey[5]; I might be
>> able too if I read up on the Chinese Remainder Theorem{2}.
>>
>> And I can see whether it worked or not, so I can just take the one you
>> didn't damage.
>>
>> Again: give me your public key and the 1024 bits of skey[3] and I can
>> compute your private key. Using only a seventh of the whole secret key
>> packet. And this "secret key packet" isn't even the full secret key that
>> you are wilfully damaging; there are even more packets in there,
>> including completely harmless ones that won't bother an attacker the
>> slightest bit. You might make the attacker laugh, though.
>>
>> Don't be creative! You need either a good passphrase or good physical
>> protection or both, not some mangling of data.
>>
> I wasn't aware of this, thanks for the info!
> ("i made good" to ask here before doing creative stuff.. haha )
>
>>> Pedro Markov,
>>> or not?~
>> Oh, the suspense! Are you Pedro, .... or not? Tadadadaaaaa..... ;)
>>
>> Oh, I see it. The ~ is a logical not, so it's a double inverse, so
>> either you're Pedro or you converted Pedro to a boolean, depending on
>> whether you ask a logician or a C programmer...
>
> This one was funny!, should i respond or let the suspense? xD
>
> I 13iu1ccy 81i5 c, 9 ausi 4o uyi8on uro7r1mm9n7 1n4 21s8 so i85
> 3omm5ni w1s 6unny :)
> T89s 19n'i my r51c n1m5, 9 ausi 4on'i c9b5 my n1m5 1n4 5m19c io 25
> uu2c9s8 ov5r i85
> uu2c93 9ni5rn5i 2531us5 i85 m19c9n7 c9sis :)
>
>
>> HTH,
>>
>> Peter.
>>
>> {1} To reproduce: make a test key that you don't password protect.
>> Suppose the key ID of your test key is AB1256CD34, enter the following:
>>
>> $ gpg2 --export-secret-key AB1256CD34 | gpg2 --list-packets
>>
>> But first understand what that command does, because you shouldn't type
>> in commands that strangers tell you to type in.
>>
>> {2} For context for people who know what I'm talking about but don't
>> know the order of components by heart, the 5 MPI's are, in order: n, e,
>> d, p, q and u (u = p^-1 mod q).
>>
> I'll really check this its seems pretty interesting
More information about the Gnupg-users
mailing list