Weak encryption keys
plr.vincent at gmail.com
Wed Mar 24 12:08:41 CET 2021
On Tue, 23 Mar 2021 20:20:02 -0500, Jacob Bachmeyer <jcb62281 at gmail.com> wrote:
> There are two keys involved here: a PGP private key that is stored
> encrypted under a symmetric key. It appears that that symmetric key has
> been found to be weak. If an attacker can obtain the encrypted blob and
> crack the symmetric encryption, the PGP key would be divulged.
Oh, blowfish is the symetric one. My bad, I so,ehow thought it was the
asymmetric key which was weak.
As you say, it does not really change the conclusion, but thanks a lot
for the correction.
GPG fingerprint 983A E8B7 3B91 1598 7A92 3845 CAC9 3691 4257 B0C1
More information about the Gnupg-users