<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div class=""><br class=""></div><div class=""><div>Hello all,</div><div><br class=""></div><div>Thank you for your answers. Hope I respond to your questions: </div><div><br class=""></div><div>I encrypt in my Shell as follows - I am doing it just now with a Backup File on my desktop:</div><div><br class=""></div><div><div>$ gpg bu_pw_new.txt.gpg</div><div>gpg: WARNING: no command supplied. Trying to guess what you mean ...</div><div>gpg: encrypted with 2048-bit ELG key, ID F5FF48588C144291, created 2010-08-05</div><div> "Marek Stepanek <<a href="mailto:marek@munich-taxis.de" class="">marek@munich-taxis.de</a>>”</div></div><br class="Apple-interchange-newline"></div><div class="">If I change something with VIM I make: </div><div class=""><br class=""></div><div class="">$ rm bu_pw_new.txt.gpg</div><div class="">$ gpg -e bu_pw_new.txt</div><div class="">You did not specify a user ID. (you may use "-r")</div><div class=""><br class=""></div><div class="">Current recipients:</div><div class=""><br class=""></div><div class="">Enter the user ID. End with an empty line: marek</div><div class="">gpg: F5FF48588C144291: There is no assurance this key belongs to the named user</div><div class=""><br class=""></div><div class="">sub elg2048/F5FF48588C144291 2010-08-05 Marek Stepanek <<a href="mailto:marek@munich-taxis.de" class="">marek@munich-taxis.de</a>></div><div class=""> Primary key fingerprint: B607 17A3 A754 8564 B209 6A9B D442 9D47 8F5D ABEF</div><div class=""> Subkey fingerprint: 4CE5 48A1 9A35 DCD7 D18D 183B F5FF 4858 8C14 4291</div><div class=""><br class=""></div><div class="">It is NOT certain that the key belongs to the person named</div><div class="">in the user ID. If you *really* know what you are doing,</div><div class="">you may answer the next question with yes.</div><div class=""><br class=""></div><div class="">Use this key anyway? (y/N) y</div><div class=""><br class=""></div><div class="">Current recipients:</div><div class="">elg2048/F5FF48588C144291 2010-08-05 "Marek Stepanek <<a href="mailto:marek@munich-taxis.de" class="">marek@munich-taxis.de</a>>"</div><div class=""><br class=""></div><div class="">Enter the user ID. End with an empty line:</div><div class=""><br class=""></div><div class="">And here it is encrypted again. Then I remove the raw text file:</div><div class=""><br class=""></div><div class="">$ rm bu_pw_new.txt</div><div class=""><br class=""></div><div class="">I am unsure how GnuPG could pick up the wrong key, which does not exist in my key deposit. My guess is, that it is encrypted anyway with my private key, but the headers are mangled up??? For that reason my question was: may I replace some headers from my backup file ( two month old! ) into the spoiled one? But until where? For that reason I was posting here, to ask some of the developers how to achieve it right. There are plenty of those <85> … <8c> … <91> - cutting the binary file in some pieces (?) </div><div class=""><br class=""></div><div class="">Thank you Vincent for your detailed answer, which is way over my head. I really should look into the internals of file encryption one day … </div><div class=""><br class=""></div><div class="">Is <a href="mailto:pause@pause.perl.org" class="">pause@pause.perl.org</a> listening? Is your PGP key still in use? </div><div class=""><br class=""></div><div class="">Best greetings to all</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">marek</div><div class=""><br class=""></div><div class=""><br class=""></div>
<div><br class=""><blockquote type="cite" class=""><div class="">On 25. Apr 2021, at 10:41, Vincent Pelletier <<a href="mailto:plr.vincent@gmail.com" class="">plr.vincent@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">On Sat, 24 Apr 2021 15:19:07 -0700, "C.J. Collier" <<a href="mailto:cjac@colliertech.org" class="">cjac@colliertech.org</a>> wrote:<br class=""><blockquote type="cite" class="">you could maybe ask a pause admin to decrypt and<br class="">re-encrypt to a key that you own, sending you back the encrypted file.<br class=""></blockquote><br class="">Two ideas from a gpg-internal *UN*aware point of view:<br class="">- I assume gpg file encryption works by generating a random symmetric<br class=""> cipher key, encrypting the file with this symmetric cipher, and<br class=""> only encrypting the symmetric cipher's key with the asymmetric cipher<br class=""> public key.<br class=""> If so, then the encrypted symmetric key could in theory (...again, I<br class=""> do not know enough of gnupg internals) be extracted and be the only<br class=""> thing sent for decryption and sent back deciphered.<br class=""> Of course, it means that if the file was leaked encrypted, then this<br class=""> deciphered key intercepted, then the file is completely leaked.<br class="">- Is the asymmetric algorithm transitive ? If it is, then again<br class=""> starting from an extracted encrypted key, it could be encrypted again<br class=""> with the good public key, then sent for decryption. The key received<br class=""> back would still be encrypted by the good public key. It can then<br class=""> finally be deciphered, allowing the symmetric cipher to decipher the data.<br class=""> This would solve the plain-text vulnerability of the previous point.<br class=""><br class="">I believe (again, not an expert) decryption and signature use different<br class="">parameters in gpg, so from the pause admin point of view they should<br class="">not be worried about inadvertently signing a hash, but actually<br class="">deciphering a symmetric key (which can otherwise be a concern).<br class="">-- <br class="">Vincent Pelletier<br class="">GPG fingerprint 983A E8B7 3B91 1598 7A92 3845 CAC9 3691 4257 B0C1<br class=""><br class=""></div></div></blockquote></div><br class=""></body></html>