Re: Corrupting files

2006-06-13 Thread Samuel Åslund
On Mon, Jun 12, 2006 at 11:55:54PM +0200, Ingo Klöcker wrote:
 No, it doesn't. You are still believing in security-by-obscurity meaning 
 that your additional encryption only works as long as you and the 
 recipient are the only ones who know the secret rule.

Please Ingo, _all_ encryption is based on security-by-obscurity; if an 
attacker finds the secret key, _any_ encryption system is toast.

 Anyway, why do you actually think that what you want to do would make 
 any sense? If the encryption algorithm you use is too weak so that 
 additional encryption methods are necessary then you probably 
 shouldn't use this encryption algorithm in the first place. And if the 
 encryption algorithm you use is strong enough (e.g. AES) then you gain 
 nothing by additional encryption methods unless those additional 
 encryption methods are an even stronger encryption algorithm than the 
 first one (but then why apply the first one).

I can think of some possible scenarios; if an attacker has automated the 
attacks, especially with attacks tailored for each known algorithm, then 
making the message not conform to known algorithms and structure should 
break the automation. Another could be, how would an attacker tell the 
difference between a random intercepted file that has been corrupted in 
transit and one with an additional human decryption step, e.g. during the 
window between key compromise and revocation. In this case we are dealing 
with humans that do not necessarily have huge amounts of resources and 
patience.

I'd be impressed by any people communicating that actually had the 
patience to keep up this kind of scheme, since any communication needs 
manual intervention.

//Samuel


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: Corrupting files

2006-06-13 Thread Ingo Klöcker
On Tuesday, 13 June 2006 09:02, Samuel Åslund wrote:
 On Mon, Jun 12, 2006 at 11:55:54PM +0200, Ingo Klöcker wrote:
  No, it doesn't. You are still believing in security-by-obscurity
  meaning that your additional encryption only works as long as you
  and the recipient are the only ones who know the secret rule.

 Please Ingo, _all_ encryption is based on security-by-obscurity; if
 an attacker finds the secret key, _any_ encryption system is toast.

You know very well that security by obscurity refers to keeping the 
encryption algorithm secret.

  Anyway, why do you actually think that what you want to do would
  make any sense? If the encryption algorithm you use is too weak so
  that additional encryption methods are necessary then you
  probably shouldn't use this encryption algorithm in the first
  place. And if the encryption algorithm you use is strong enough
  (e.g. AES) then you gain nothing by additional encryption methods
  unless those additional encryption methods are an even stronger
  encryption algorithm than the first one (but then why apply the
  first one).

 I can think of some possible scenarios; if an attacker has
 automated the attacks, especially with attacks tailored for each
 known algorithm, then making the message not conform to known
 algorithms and structure should break the automation.

I don't see why such a scenario would make any sense. If the automated 
attack would have any chance of success then the used encryption 
algorithm was too weak. Otherwise it doesn't matter whether the 
automation works for the message or not.

 Another could 
 be, how would an attacker tell the difference between a random
 intercepted file that has been corrupted in transit and one with an
 additional human decryption step, e.g. during the window between key
 compromise and revocation. In this case we are dealing with humans
 that do not necessarily have huge amounts of resources and
 patience.

Maybe you have a point. Still using a self-created obfuscation scheme 
doesn't feel like a really good solution for this threat model.

 I'd be impressed by any people communicating that actually had the
 patience to keep up this kind of scheme, since any communication
 needs manual intervention.

Sure. But as others have said earlier there are better ways to use a 
secure channel than to agree on such a stupid additional obfuscation 
step. If anything, then use a second symmetric encryption step for this 
special two-way-only communication.

Regards,
Ingo




OpenPGP smartcard restore

2006-06-13 Thread Tristan Williams
I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart
cards (smartA and smartB) and I want to verify that I can restore my
on-card generated private key should I lose the master card
(smartA). I only want to verify that I can do it - not discuss the
merits of on-card vs. off-card key generation.

I start with an empty ~/.gnupg

For smartA I have

(1) an on-card generated key
(2) the backup file created ~/.gnupg/sk_X.gpg at key generation
(3) a backup of ~/.gnupg/secring.gpg when the 
(4) a file with the exported associated public key 
(5) a test file encrypted with above public key which decrypts with smartA
(6) the pass phrase used at key generation
(7) second OpenPGP smartcard (smartB)

I then imagine that I have lost my card (smartA), my computer hard disk has
died and I have to restore to a fresh new gpg environment (i.e. no
~/.gnupg) and smartB

I then issue these commands 

gpg --list-keys 
which creates ~/.gnupg and various files within it.

gpg --import public_key.asc 
using (4) from my backups

gpg --list-keys 
shows that the public key has been imported

I then copy my backup secring.gpg to ~/.gnupg

gpg --edit-key KEYID 
shows that the secret key is present

gpg --list-secret-keys 
shows that the secret key is linked to card-no smartA

gpg --edit-key KEYID
toggle
bkuptocard sk_X.gpg

choose (1) the signature 
replace existing key yes
enter pass phrase 
save changes yes

Now 

gpg --list-keys 
shows the key still linked to card-no smartA and not smartB

any action needing the private key using smartB results in gpg
requesting that you put in smartA (which is lost...)

Has anyone actually managed a functional OpenPGP card restore with on-card key
generation? And if so how please!

Tristan Williams






Re: OpenPGP smartcard restore

2006-06-13 Thread zvrba

On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote:
 I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart
 cards (smartA and smartB) and I want to verify that I can restore my
 on-card generated private key should I lose the master card
 (smartA). I only want to verify that I can do it - not discuss the
 merits of on-card vs. off-card key generation.
 
 I start with an empty ~/.gnupg
 
 For smartA I have
 
 (1) an on-card generated key

You can stop here. In order to use card B you need to transfer the PRIVATE
key from card A to card B. It is _impossible_ to export the private key
under any circumstances (minus backdoors/implementation bugs in the smart-
card software). Period. If you want to have the same private key on several
physical cards, your only option is off-card generation, with import of the
key afterwards.



Re: OpenPGP smartcard restore

2006-06-13 Thread Tristan Williams
On 13Jun06 18:07, [EMAIL PROTECTED] wrote:
 On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote:
  I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart
  cards (smartA and smartB) and I want to verify that I can restore my
  on-card generated private key should I lose the master card
  (smartA). I only want to verify that I can do it - not discuss the
  merits of on-card vs. off-card key generation.
  
  I start with an empty ~/.gnupg
  
  For smartA I have
  
  (1) an on-card generated key
 
 You can stop here. In order to use card B you need to transfer the PRIVATE
 key from card A to card B. It is _impossible_ to export the private key
 under any circumstances (minus backdoors/implementation bugs in the smart-
 card software). Period. If you want to have the same private key on several
 physical cards, your only option is off-card generation, with import of the
 key afterwards.
 
 

Then it makes me wonder what is the purpose of the off card backup
file sk_X.gpg created when the original private key was created via
the on-card method? I can appreciate there might be reasons for not
permitting export of the private key from the card but I did expect
that restoring a private key using the backup file made at key
creation time would be possible. It looks like I was wrong in that
thought.


Re: False Decrypt Error...

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 10:37:07AM -0500, Eric Robinson wrote:
 Is anyone familiar with the following error?
 
 Standard Error: gpg: WARNING: unsafe permissions on homedir
 /opt/fxnet/gpggpg: WARNING: using insecure memory!gpg: please see
 http://www.gnupg.org/faq.html for more informationgpg: encrypted with
 1024-bit ELG-E key, ID 07B01208, created 2004-07-14 entsys (FedExNet
 GPG Key) gpg: [don't know]: invalid packet (ctb=2f)gpg: WARNING:
 message was not integrity protected  
 
 My tech guy says it has nothing to do with the 'WARNING: using insecure
 memory!' message, but it is the 'WARNING: message was not integrity
 protected' message. I have checked the FAQs and found some info on
 the insecure memory that he says isn't the issue...

You've got a bunch of warnings here.  Let's take them one at a time:

 gpg: WARNING: unsafe permissions on homedir /opt/fxnet/gpg

Just what it says: the directory /opt/fxnet/gpg is writable by someone
other than you.  It's a good idea for you to fix it, but it isn't the
cause of your problem.

 gpg: WARNING: using insecure memory!
 gpg: please see http://www.gnupg.org/faq.html for more information

GPG tries to lock a small amount of memory so you can't accidentally
swap a passphrase out to disk.  Depending on how you are using GPG,
this may not be significant to you.  Either way, it's not the cause of
your problem.

 gpg: WARNING: message was not integrity protected

This means that there is no integrity protection packet on the
message.  There is a very difficult attack against the old PGP message
format that the integrity protected format combats.  This isn't the
cause of your problem either.

 gpg: [don't know]: invalid packet (ctb=2f)

THIS is your problem.  GPG found garbage in the message that could not
be parsed.  Since you say the message was decrypted correctly before
the garbage was found, it's likely the garbage is at the end.

Is this an armored (i.e. --- BEGIN PGP MESSAGE ---) message or
binary (not printable ASCII)?

David
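
The framing check behind the diagnosis above, as an added example (not part of the original thread and not GnuPG's own code): a Python walker over the top-level OpenPGP packet headers of a binary file that reports the offset at which the bytes stop forming valid packets. The sample messages are constructed and the function names are hypothetical.

```python
import struct

# Packet tags from the OpenPGP message format that appear in an encrypted file.
TAG_NAMES = {
    1: "public-key encrypted session key",
    9: "symmetrically encrypted data",
    10: "marker",
    18: "encrypted data with integrity protection",
}


def _new_format_length(data, pos):
    """Decode one new-format length header; return (length, next_pos, partial)."""
    first = data[pos]
    if first < 192:
        return first, pos + 1, False
    if first < 224:
        return ((first - 192) << 8) + data[pos + 1] + 192, pos + 2, False
    if first < 255:
        return 1 << (first & 0x1F), pos + 1, True  # partial chunk, more follow
    return struct.unpack(">I", data[pos + 1:pos + 5])[0], pos + 5, False


def walk_packets(data):
    """Walk top-level packets; return (packets, stop_offset, reason).

    packets is a list of (tag, offset, total_length). reason is None when the
    whole input parsed cleanly, otherwise a short description of why parsing
    stopped at stop_offset.
    """
    packets, pos = [], 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            # Every packet header has bit 7 set; anything else is not a packet.
            return packets, pos, "invalid packet (ctb=%02x)" % ctb
        try:
            if ctb & 0x40:                      # new-format header
                tag, end = ctb & 0x3F, pos + 1
                while True:
                    length, end, partial = _new_format_length(data, end)
                    end += length
                    if not partial:
                        break
            else:                               # old-format header
                tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
                if ltype == 3:
                    # Indeterminate length: the body runs to end of file, so
                    # appended bytes become part of it and are invisible here.
                    end = len(data)
                else:
                    width = (1, 2, 4)[ltype]
                    field = data[pos + 1:pos + 1 + width]
                    if len(field) < width:
                        raise IndexError("short length field")
                    end = pos + 1 + width + int.from_bytes(field, "big")
        except (IndexError, struct.error):
            return packets, pos, "truncated packet header"
        if end > len(data):
            return packets, pos, "truncated packet body"
        packets.append((tag, pos, end - pos))
        pos = end
    return packets, pos, None


def trailing_garbage(data):
    """Return the bytes after the last well-formed packet (b'' if none)."""
    packets, stop, reason = walk_packets(data)
    if reason is None or not packets:
        return b""
    return data[stop:]


def report(data):
    """Human-readable listing: one line per packet, then the verdict."""
    packets, stop, reason = walk_packets(data)
    lines = ["%5d  tag %2d  %s" % (off, tag, TAG_NAMES.get(tag, "other"))
             for tag, off, _ in packets]
    lines.append("clean" if reason is None
                 else "%5d  %s, %d byte(s) left" % (stop, reason, len(data) - stop))
    return "\n".join(lines)


# Constructed sample, not a real message: a marker packet ("PGP"), a 5-byte
# stand-in for the session-key packet, and a data packet sent as one partial
# chunk of 2 bytes plus a final chunk of 3 bytes (unrealistically small).
SAMPLE_CLEAN = (
    b"\xa8\x03PGP"
    + b"\xc1\x05" + b"\x11" * 5
    + b"\xc9\xe1" + b"\x22" * 2 + b"\x03" + b"\x33" * 3
)
SAMPLE_MANGLED = SAMPLE_CLEAN + b"\x20\x20"   # two bytes appended in transit

if __name__ == "__main__":
    print(report(SAMPLE_MANGLED))
```

The walker only sees garbage whose first byte has bit 7 clear; appended bytes that happen to look like a packet header are reported as a truncated packet instead.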



mime and pgp.asc

2006-06-13 Thread alifbaa

I am currently using GPG 1.4.3 on my Mac PowerBook G4, OS X 10.4.6.  I hope that
this is the right forum to post this question, but when I send an email with
an attachment and encrypt and sign it, it converts the message into two
attachments, one that says mime-attachment and one that says pgp.asc.  I
don't want this.  I want it to encrypt and sign it and to have an encrypted
message at the top and an encrypted attachment at the bottom.  I am
currently sending these emails with the two attachments to a coworker with a
PC that uses PGP and he cannot decrypt my emails.  Any help would be greatly
appreciated.




Re: OpenPGP smartcard restore

2006-06-13 Thread zvrba

On Tue, Jun 13, 2006 at 07:03:42PM +0200, markus reichelt wrote:
 
 Sorry, that was heat-induced and shall read of course as follows:
 
No need to apologize :)


 Essentially you're saying: a private key generated on/via a smartcard
 cannot be exported, so no backup of the private key in question is
 possible. Because if the private key(s) could be exported, import of
 the key(s) in question just works without problems.

Exactly. If you want a smart-card that allows both export and import,
then you don't have a problem. But this defeats the point of having a
smart-card (a virus can wait until you authorize yourself to the card
and unnoticed copy your private key to the attacker, for example).


 Bottom line, what's the use of importing to smartcards when no export

Importing means that you have an off-card key backup. If you don't
have an off-card key backup (to import to another smart-card in case of
theft or HW failure of the 1st card), *and* you've used that smart-card
for decryption purposes... well, tough luck!


 from smartcards is possible? In other words: Why is the export of
 plain smartcard private keys prohibited in the first place?

Security. This is the point of having a smart-card. Not even the owner
of the smart card knows the private key. You are _entitled_ to use it
to perform private key operations (if you know the PIN), but you don't
know the key itself.

For example, some digital signature laws require such level of security
(FIPS level 2 or better).


 Additionally, why is importing of off-card generated private keys
 allowed then? Where's the difference?
 
Backup. The difference being that importing an off-card generated private key
may be stolen (either in transit to the smart card or from the disk) and
thus doesn't provide the level of security required for some purposes (eg.
non-repudiation digital signature).

IMHO, it's no great damage if you lose your signing key. Losing your
decryption key is admittedly a problem that people think about usually
only when it's too late.



Re: mime and pgp.asc

2006-06-13 Thread Todd Zullinger

alifbaa wrote:
 I am currently using GPG 1.4.3 on my Mac PowerBook G4, OS X 10.4.6.  I hope that
 this is the right forum to post this question, but when I send an email with
 an attachment and encrypt and sign it, it converts the message into two
 attachments, one that says mime-attachment and one that says pgp.asc.  I
 don't want this.  I want it to encrypt and sign it and to have an encrypted
 message at the top and an encrypted attachment at the bottom.  I am
 currently sending these emails with the two attachments to a coworker with a
 PC that uses PGP and he cannot decrypt my emails.  Any help would be greatly
 appreciated.

It sounds like you are sending mail using the PGP/MIME format and your
coworker's mail client can't handle that.  What mail clients are you
and your recipient using?  What version of PGP is your coworker using?

Knowing that, someone here may be able to let you know what, if any,
settings can be changed on either system to enable you to
communicate.

-- 
Todd        OpenPGP - KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
==
What it means to take rights seriously is that one will honor them
even when there is a significant social cost in doing so.
-- Ronald Dworkin



Re: False Decrypt Error...

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 01:40:51PM -0500, Eric Robinson wrote:
 Hello David,
 Thanks so much for responding...
 
 We have switched from PGP to GPG and some of our customers are still 
 using PGP, 
 
 ¨PGPÁÀNŠˆæ °  is the first part of the message.
 
 What you said below is suspicious, I did notice a null value 00, hex
 20 20, at the end of the file, I stripped it out and resubmitted it
 and it processed fine.
 
 I will go on that assumption for now and edit these files that come
 in and fail.  If that's the case I'll get our development team
 to write a program to strip these out automatically before
 decryption.

Take a look at how you're transferring the files around.  It's a very
common problem where people use FTP in ascii mode to copy the files
around and end up with them mangled.

David



Re: OpenPGP smartcard restore

2006-06-13 Thread Ingo Klöcker
On Tuesday 13 June 2006 19:03, markus reichelt wrote:
 * markus reichelt [EMAIL PROTECTED] wrote:
  Essentially you're saying: no backup of a private key generated
  on/via a smartcard cannot be exported. Because if it could be
  exported, importing the key(s) in question just works.

 Sorry, that was heat-induced and shall read of course as follows:

 Essentially you're saying: a private key generated on/via a smartcard
 cannot be exported, so no backup of the private key in question is
 possible. Because if the private key(s) could be exported, import of
 the key(s) in question just works without problems.

 The rest of my message still stands though.

 Bottom line, what's the use of importing to smartcards when no export
 from smartcards is possible?

Obviously, to be able to import keys which were generated off-card. 
Because some people don't seem to be able to sleep without a backup of 
the private key.

 In other words: Why is the export of 
 plain smartcard private keys prohibited in the first place?

Is that a trick question? Short answer: Security. Longer answer: It's 
prohibited because if nobody can export the private key from the 
smartcard then nobody can steal the private key without your knowledge. 
You would surely notice that your smartcard is missing but you might 
never know that some trojan horse has stolen your private key.

 Additionally, why is importing of off-card generated private keys
 allowed then?

See above. Other use case: My key is signed by many people. If I 
couldn't import my key to a smartcard (well, I think I can't because 
it's no RSA key, but let's pretend for the moment that it were an 
importable key), then I'd have to regather all those signatures again 
for my new on-card generated key.

Regards,
Ingo




Re: OpenPGP smartcard restore

2006-06-13 Thread zvrba

On Tue, Jun 13, 2006 at 06:46:48PM +0100, Tristan Williams wrote:
 
 Then it makes me wonder what is the purpose of the off card backup
 file sk_X.gpg created when the original private key was created via
 the on-card method?

Huh, according to the OpenPGP card specification v1.1, the GENERATE KEY
command returns only the public part of the key. If the backup file really
contains the private key, then the key is _not_ generated on the card,
even though you believe that it is. Look for yourself here:

http://g10code.com/docs/openpgp-card-1.1.pdf

in section 7.2.11 at page 38.

Have you checked what is inside the backup file?

Of course, I might be wrong, but publicly available sources seem to tell
that I'm right. I tried to dig into the gnupg source to see what is really
happening, but it's too large :/



Re: OpenPGP smartcard restore

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 06:46:48PM +0100, Tristan Williams wrote:
 On 13Jun06 18:07, [EMAIL PROTECTED] wrote:
  On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote:
   I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart
   cards (smartA and smartB) and I want to verify that I can restore my
   on-card generated private key should I lose the master card
   (smartA). I only want to verify that I can do it - not discuss the
   merits of on-card vs. off-card key generation.
   
   I start with an empty ~/.gnupg
   
   For smartA I have
   
   (1) an on-card generated key
  
  You can stop here. In order to use card B you need to transfer the PRIVATE
  key from card A to card B. It is _impossible_ to export the private key
  under any circumstances (minus backdoors/implementation bugs in the smart-
  card software). Period. If you want to have the same private key on several
  physical cards, your only option is off-card generation, with import of the
  key afterwards.
  
  
 
 Then it makes me wonder what is the purpose of the off card backup
 file sk_X.gpg created when the original private key was created via
 the on-card method? I can appreciate there might be reasons for not
 permitting export of the private key from the card but I did expect
 that restoring a private key using the backup file made at key
 creation time would be possible. It looks like I was wrong in that
 thought.

There is a little misunderstanding here.  When you generate a card key
with off-card backup, the key is not generated via the on-card method.
The key is generated like any other key, and then uploaded to the
card (and saved to the backup file).

The card does not allow reading a secret key off the card, so if you
really generated it on-card, there would be no way of making the
backup file.

David



Re: OpenPGP smartcard restore

2006-06-13 Thread David Shaw
On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote:
 I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart
 cards (smartA and smartB) and I want to verify that I can restore my
 on-card generated private key should I lose the master card
 (smartA). I only want to verify that I can do it - not discuss the
 merits of on-card vs. off-card key generation.
 
 I start with an empty ~/.gnupg
 
 For smartA I have
 
 (1) an on-card generated key
 (2) the backup file created ~/.gnupg/sk_X.gpg at key generation
 (3) a backup of ~/.gnupg/secring.gpg when the 
 (4) a file with the exported associated public key 
 (5) a test file encrypted with above public key which decrypts with smartA
 (6) the pass phrase used at key generation
 (7) second OpenPGP smartcard (smartB)
 
 I then imagine that I have lost my card (smartA), my computer hard disk has
 died and I have to restore to a fresh new gpg environment (i.e. no
 ~/.gnupg) and smartB
 
 I then issue these commands 
 
 gpg --list-keys 
 which creates ~/.gnupg and various files within it.
 
 gpg --import public_key.asc 
 using (4) from my backups
 
 gpg --list-keys 
 shows that the public key has been imported
 
 I then copy my backup secring.gpg to ~/.gnupg
 
 gpg --edit-key KEYID 
 shows that the secret key is present
 
 gpg --list-secret-keys 
 shows that the secret key is linked to card-no smartA
 
 gpg --edit-key KEYID
 toggle
 bkuptocard sk_X.gpg
 
 choose (1) the signature 
 replace existing key yes
 enter pass phrase 
 save changes yes
 
 Now 
 
 gpg --list-keys 
 shows the key still linked to card-no smartA and not smartB
 
 any action needing the private key using smartB results in gpg
 requesting that you put in smartA (which is lost...)

Try this: do everything you did above, but at the end, delete the
secret key stub:

  gpg --delete-secret-keys KEYID

(or gpg --edit-key, toggle, and delkey if you're doing just a subkey).

And now recreate the stub:

  gpg --card-edit

I don't have my card with me so I can't test this, but it should do
what you want.

David



Re: OpenPGP smartcard restore

2006-06-13 Thread Tristan Williams


On 13 Jun 2006, at 20:37, David Shaw wrote:

 On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote:
  I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart
  cards (smartA and smartB) and I want to verify that I can restore my
  on-card generated private key should I lose the master card
  (smartA). I only want to verify that I can do it - not discuss the
  merits of on-card vs. off-card key generation.

  I start with an empty ~/.gnupg

  For smartA I have

  (1) an on-card generated key
  (2) the backup file created ~/.gnupg/sk_X.gpg at key generation
  (3) a backup of ~/.gnupg/secring.gpg when the
  (4) a file with the exported associated public key
  (5) a test file encrypted with above public key which decrypts with smartA
  (6) the pass phrase used at key generation
  (7) second OpenPGP smartcard (smartB)

  I then imagine that I have lost my card (smartA), my computer hard disk has
  died and I have to restore to a fresh new gpg environment (i.e. no
  ~/.gnupg) and smartB

  I then issue these commands

  gpg --list-keys
  which creates ~/.gnupg and various files within it.

  gpg --import public_key.asc
  using (4) from my backups

  gpg --list-keys
  shows that the public key has been imported

  I then copy my backup secring.gpg to ~/.gnupg

  gpg --edit-key KEYID
  shows that the secret key is present

  gpg --list-secret-keys
  shows that the secret key is linked to card-no smartA

  gpg --edit-key KEYID
  toggle
  bkuptocard sk_X.gpg

  choose (1) the signature
  replace existing key yes
  enter pass phrase
  save changes yes

  Now

  gpg --list-keys
  shows the key still linked to card-no smartA and not smartB

  any action needing the private key using smartB results in gpg
  requesting that you put in smartA (which is lost...)

 Try this: do everything you did above, but at the end, delete the
 secret key stub:

   gpg --delete-secret-keys KEYID

 (or gpg --edit-key, toggle, and delkey if you're doing just a subkey).

 And now recreate the stub:

   gpg --card-edit

 I don't have my card with me so I can't test this, but it should do
 what you want.

 David


It works as you suggested.

gpg is now happy with smartB (and no longer asks for smartA). The file
I encrypted with the public key is decrypted correctly.

gpg now references smartB not smartA when listing keys.

So what is in sk_X.gpg if it is not a standalone importable secret key?

Thanks and regards,

Tristan Williams


RE: False Decrypt Error...

2006-06-13 Thread Eric Robinson
Ok, will do, in this case they send 10 files each day and maybe 1 a week errors 
out like this...
Thanks again,
Eric
 
-
Eric Robinson
Business Application Advisor
FedEx Corporate Services
Internet Engineering  EC Integration
901.263.5749
-


-Original Message-
From: David Shaw [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, June 13, 2006 1:47 PM
To: Eric Robinson
Cc: gnupg-users@gnupg.org
Subject: Re: False Decrypt Error...

On Tue, Jun 13, 2006 at 01:40:51PM -0500, Eric Robinson wrote:
 Hello David,
 Thanks so much for responding...
 
 We have switched from PGP to GPG and some of our customers are 
 still using PGP,
 
 ¨PGPÁÀNŠˆæ °  is the first part of the message.
 
 What you said below is suspicious, I did notice a null value 00, hex 20 
 20, at the end of the file, I stripped it out and resubmitted it and 
 it processed fine.
 
 I will go on that assumption for now and edit these files that come in 
 and fail.  If that's the case I'll get our development team to write a 
 program to strip these out automatically before decryption.

Take a look at how you're transferring the files around.  It's a very common 
problem where people use FTP in ascii mode to copy the files around and end up 
with them mangled.

David


Re: Corrupting files

2006-06-13 Thread Johan Wevers
Atom Smasher wrote:

btw, what's the threat model where this is advantageous?

I can imagine it might be used for plausible deniability: if some law
enforcement agency would force you to decrypt the message, you could
claim you can't and you didn't read it anyway because it's corrupted.

Of course, this might be automated in a hacked copy of gpg instead of
hand-editing a file. Also safer since it leaves no intermediate evidence
around on your harddisk. Of course it would be better to store the changed
source code somewhere safe.

Might work against police drones, employers, etc. The NSA is unlikely
to be fooled by such a scheme.

-- 
ir. J.C.A. Wevers //  Physics and science fiction site:
[EMAIL PROTECTED]   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html



RE: False Decrypt Error...

2006-06-13 Thread Eric Robinson
Hello David,
Thanks so much for responding...

We have switched from PGP to GPG and some of our customers are still 
using PGP, 

¨PGPÁÀNŠˆæ °  is the first part of the message.

What you said below is suspicious, I did notice a null value 00, hex 20 20, at 
the end of the file, I stripped it out and resubmitted it and it processed fine.

I will go on that assumption for now and edit these files that come in and 
fail.   If that's the case I'll get our development team to write a program to 
strip these out automatically before decryption. 

Thanks for your time in this.

Eric
 
-
Eric Robinson
Business Application Advisor
FedEx Corporate Services
Internet Engineering  EC Integration
901.263.5749
-


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Shaw
Sent: Tuesday, June 13, 2006 12:52 PM
To: gnupg-users@gnupg.org
Subject: Re: False Decrypt Error...

On Tue, Jun 13, 2006 at 10:37:07AM -0500, Eric Robinson wrote:
 Is anyone familiar with the following error?
 
 Standard Error: gpg: WARNING: unsafe permissions on homedir
 /opt/fxnet/gpggpg: WARNING: using insecure memory!gpg: please see 
 http://www.gnupg.org/faq.html for more informationgpg: encrypted with 
 1024-bit ELG-E key, ID 07B01208, created 2004-07-14 entsys (FedExNet 
 GPG Key) gpg: [don't know]: invalid packet (ctb=2f)gpg: WARNING:
 message was not integrity protected
 
 My tech guy says it has nothing to do with the 'WARNING: using 
 insecure memory!' message, but it is the 'WARNING: message was not 
 integrity protected' message. I have checked the FAQs and found 
 some info on the insecure memory that he says isn't the issue...

You've got a bunch of warnings here.  Let's take them one at a time:

 gpg: WARNING: unsafe permissions on homedir /opt/fxnet/gpg

Just what it says: the directory /opt/fxnet/gpg is writable by someone other 
than you.  It's a good idea for you to fix it, but it isn't the cause of your 
problem.

 gpg: WARNING: using insecure memory!
 gpg: please see http://www.gnupg.org/faq.html for more information

GPG tries to lock a small amount of memory so you can't accidentally swap a 
passphrase out to disk.  Depending on how you are using GPG, this may not be 
significant to you.  Either way, it's not the cause of your problem.

 gpg: WARNING: message was not integrity protected

This means that there is no integrity protection packet on the message.  There 
is a very difficult attack against the old PGP message format that the 
integrity protected format combats.  This isn't the cause of your problem 
either.

 gpg: [don't know]: invalid packet (ctb=2f)

THIS is your problem.  GPG found garbage in the message that could not be 
parsed.  Since you say the message was decrypted correctly before the garbage 
was found, it's likely the garbage is at the end.

Is this an armored (i.e. --- BEGIN PGP MESSAGE ---) message or binary (not 
printable ASCII)?

David
