Hi
Could any one tell me the high-level prime search method employed by
GPG? Is it something like this:
- generate a random number
- is it prime? if yes, use it
- if not, continue adding ones to it until a prime number is found
Also, which algorithm is used by GPG for testing primality?
Brent Hagany wrote on 19.01.2008 02:39:
Hello,
This issue has been addressed several times on this list, but after
several hours of searching, I cannot find a solution that works for me.
Here's a simple test case that I cannot get to work:
$out = exec(/usr/bin/gpg
While I understand that this place isn't the best for PKS bug reports,
I'm still not sure of what's happening (except it's quite weird). My key
0x8443620A consists of a main certification key and two subkeys: one for
encryption and one for signing.
Both subkeys have expired in the end of the last
Vlad \SATtva\ Miller [EMAIL PROTECTED] writes:
While I understand that this place isn't the best for PKS bug reports,
I'm still not sure of what's happening (except it's quite weird). My key
0x8443620A consists of a main certification key and two subkeys: one for
encryption and one for
Simon Josefsson wrote on 19.01.2008 17:15:
Vlad \SATtva\ Miller [EMAIL PROTECTED] writes:
[snip]
If I understand this correctly and not missing something terribly here,
keyservers just looked at newly uploaded key, thought huh? I already
have that subkey in place, and this 0x18 sig too!, and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Vlad SATtva Miller wrote the following on 1/19/08 6:01 AM:
[...]
| Here for example (in the bottom) you may see two subkeys with binding
| signatures expired at 2007-12-31:
|
Charly Avital wrote on 19.01.2008 18:26:
Vlad SATtva Miller wrote the following on 1/19/08 6:01 AM:
[...]
| Here for example (in the bottom) you may see two subkeys with binding
| signatures expired at 2007-12-31:
|
http://pool.sks-keyservers.net:11371/pks/lookup?search=0x8443620Aop=vindex
GnuPG is warning you since you seem to have not signed the Key.
IF you trust the key (i.e. you are sure to a reasonable degree that the
key owner is who he claims to be), then you should sign it and the
warning will go away.
To do so from the command line:
gpg --edit-key key id
sign (1)
save
Vlad SATtva Miller wrote the following on 1/19/08 8:38 AM:
[...]
So here's an explicit distinction between what we got from a keyserver
and from the gpg output.
As far as I am concerned, that's what I got from the keyserver I used,
yes.
I believe [EMAIL PROTECTED] posted that:
I'm not
Hi all and thank you for GnuPG!
I was wondering whether one attacker who'd be in possess of my private and
public keys, my entire archive of encrypted data, and a common file which for
sure is just plain the same as an encrypted one of my backup, could in some
way and time recover my
When in doubt, use brute force. So, the answer is, it depends on the
strenght of your passphrase.
--David.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
=~~=~=~=~=~=~=~=~=~=~=~=~=~~=
19:41 (sabato), David Picón Álvarez:
When in doubt, use brute force. So, the answer is, it depends on the
strenght of your passphrase.
--David.
So if the strenght of passphrase is something like 25 chars (a-Z,0-9,non
alphanumeric) I can rest assured nobody
On Sat, Jan 19, 2008 at 08:54:26PM +0100, [EMAIL PROTECTED] wrote:
=~~=~=~=~=~=~=~=~=~=~=~=~=~~=
19:41 (sabato), David Pic?n ?lvarez:
When in doubt, use brute force. So, the answer is, it depends on the
strenght of your passphrase.
--David.
So if the strenght of passphrase is something
[EMAIL PROTECTED] wrote:
gpg, but let my keys available to the attacker, would he theorically be able
to crack my passphrase and recover all of my archive?
Yes.
Please note how you qualified that: /theoretically./ In practice, given
a good passphrase, this is highly nontrivial.
[EMAIL PROTECTED] wrote:
So if the strenght of passphrase is something like 25 chars (a-Z,0-9,non
alphanumeric) I can rest assured nobody today or in a year could possibly
decrypt even someone with a distributed super calculus hardware power, is it?
Depends. English text has about 1.5 bits
15 matches
Mail list logo
