Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
Incompatibility between gnupg 0.9.7 and >0.9.10 in conv. 3des encryption
em at who
Jan 7, 2000, 9:07 PM
Post #1 of 3 (619 views)
Permalink
I'm not sure whether it's a known problem, but if one encrypts with:

./gpg097 -a -c --cipher-algo 3des q

and then tries to decrypt with gpg version 0.9.10 or later:

gpg q.asc

the result is an error message:

gpg: decryption failed: bad key

The incompatibility is mutual: files encrypted with 0.9.10 can't be
decrypted by the 0.9.7 either. If the --cipher-algo is not specified,
everything works fine.

Listing the packets does indeed show a difference. A q.asc produced by the
version 0.9.7 lists as:

$ gpg --list packets q.asc
gpg: Option "--list" is ambiguous
bash-2.03$ gpg --list-packets q.asc
:symkey enc packet: version 4, cipher 2, s2k 1, hash 3
salt b742d414bb37d32f

...whereas one produced with the version 0.9.10 or later shows:

$ gpg --list-packets q.asc
:symkey enc packet: version 4, cipher 2, s2k 3, hash 3
salt 08cbb4030fd47883, count 96

However, I would expect that backward compatibility with older s2k values be
preserved in decryption.

Cheers --

Enzo
Re: Incompatibility between gnupg 0.9.7 and >0.9.10 in conv. 3des encryption [ In reply to ]
wk at gnupg
Jan 8, 2000, 3:13 AM
Post #2 of 3 (600 views)
Permalink
On Sat, 8 Jan 2000, Enzo Michelangeli wrote:

> I'm not sure whether it's a known problem, but if one encrypts with:
>
> ./gpg097 -a -c --cipher-algo 3des q
>
> and then tries to decrypt with gpg version 0.9.10 or later:

There are more problems with that. The reason is that I changed the
internal API form the hash algorithms somewhere between these versions
with the result that all ciphers needing a key lasrger than the hash
size didn't work anymore or better the string-to-key algorithm was not
compatible.

This is a problem with 3DES and Twofish.

The only solution to reencypt these messages - I am yery soory about
this.

GnuPG 1.0.1 now works like required by the standard and produces valid
3DES, Twofish symmetric only encryptions which interoperate with PGP.
1.0.1 has an option to emulate the bug: --emulate-3des-s2k-bug .
Please note that this option will be removed in gpg 1.1, so either
re-encrypt all these messages or keep a copy of gpg 1.0.0 which has
this bug.

> However, I would expect that backward compatibility with older s2k values be
> preserved in decryption.

It is not possible because the bug reduces the keylength to 160 bit
which is effective then less than 112 bits for 3DES.


--
Werner Koch at guug.de www.gnupg.org keyid 621CC013

Boycott Amazon! - http://www.gnu.org/philosophy/amazon.html
Re: Incompatibility between gnupg 0.9.7 and >0.9.10 in conv. 3des encryption [ In reply to ]
wk at gnupg
Jan 8, 2000, 3:13 AM
Post #3 of 3 (591 views)
Permalink
On Sat, 8 Jan 2000, Enzo Michelangeli wrote:

> I'm not sure whether it's a known problem, but if one encrypts with:
>
> ./gpg097 -a -c --cipher-algo 3des q
>
> and then tries to decrypt with gpg version 0.9.10 or later:

There are more problems with that. The reason is that I changed the
internal API form the hash algorithms somewhere between these versions
with the result that all ciphers needing a key lasrger than the hash
size didn't work anymore or better the string-to-key algorithm was not
compatible.

This is a problem with 3DES and Twofish.

The only solution to reencypt these messages - I am yery soory about
this.

GnuPG 1.0.1 now works like required by the standard and produces valid
3DES, Twofish symmetric only encryptions which interoperate with PGP.
1.0.1 has an option to emulate the bug: --emulate-3des-s2k-bug .
Please note that this option will be removed in gpg 1.1, so either
re-encrypt all these messages or keep a copy of gpg 1.0.0 which has
this bug.

> However, I would expect that backward compatibility with older s2k values be
> preserved in decryption.

It is not possible because the bug reduces the keylength to 160 bit
which is effective then less than 112 bits for 3DES.


--
Werner Koch at guug.de www.gnupg.org keyid 621CC013

Boycott Amazon! - http://www.gnu.org/philosophy/amazon.html

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal