On Tuesday, November 19, 2013 at 3:51 AM, fuzzykitt...@riseup.net wrote:
>Upon decryption of the attached message, the program requests a new
>passphrase. Then after any arbitrary string is entered (or 
>decryption of the message fails. It does not matter if any private 
>are held in gnupg (including the key of the intended recipient).
>Here is the message in question. How is this possible?


As Peter answered, this is message encrypted both to a Public Key and also 
symmetrically to a passphrase only.

If, after gnupg asks for the message, any string other than the correct 
passphrase is entered,
then there will be an error message.
(The interesting part is that the error message changes with the string used as 
a passphrase.)

Here is my recreation of this type of encrypted message, both to my public key, 
and conventionally, to only a passphrase, using the following command:

V:\gnupg>gpg -a -c -e -r D35FB186 e:\de1.txt

Version: GnuPG v1.4.15 (MingW32)
Comment: Acts of Kindness better the World, and protect the Soul


(the passphrase is: sss)

Here is what gnupg  does when I enter the wrong passphrase for my key, but the 
correct one for the symmetrically encrypted part:

V:\gnupg>gpg --list-packets e:\det1.txt.asc

gpg: armor header: Version: GnuPG v1.4.15 (MingW32)
gpg: armor header: Comment: Acts of Kindness better the World, and protect the S
:pubkey enc packet: version 3, algo 1, keyid 506F4FA1D35FB186
        data: [4095 bits]
gpg: public key is D35FB186

You need a passphrase to unlock the secret key for
user: "vedaal nistar (previous addresses were spam flooded) <ved...@nym.hush.com
4096-bit RSA key, ID D35FB186, created 2008-01-22

gpg: Invalid passphrase; please try again ...

You need a passphrase to unlock the secret key for
user: "vedaal nistar (previous addresses were spam flooded) <ved...@nym.hush.com
4096-bit RSA key, ID D35FB186, created 2008-01-22

gpg: Invalid passphrase; please try again ...

You need a passphrase to unlock the secret key for
user: "vedaal nistar (previous addresses were spam flooded) <ved...@nym.hush.com
4096-bit RSA key, ID D35FB186, created 2008-01-22

:symkey enc packet: version 4, cipher 10, s2k 3, hash 8, seskey 256 bits
        salt 4d55b202f01ee267, count 65536 (96)
gpg: TWOFISH encrypted session key
:encrypted data packet:
        length: 71
        mdc_method: 2
gpg: encrypted with 1 passphrase
gpg: encrypted with 4096-bit RSA key, ID D35FB186, created 2008-01-22
      "vedaal nistar (previous addresses were spam flooded) <ved...@nym.hush.com
gpg: public key decryption failed: bad passphrase

:symkey enc packet: version 4, cipher 10, s2k 3, hash 8, seskey 256 bits
        salt 4d55b202f01ee267, count 65536 (96)
gpg: TWOFISH encrypted session key
Enter passphrase:

gpg: TWOFISH encrypted data
:compressed packet: algo=1
:literal data packet:
        mode b (62), created 1384876034, name="de1.txt",
        raw data: 11 bytes
gpg: decryption okay
gpg: session key: `10:549F3BBBA12DD79C0019854AED854964931A9C2349870785130B0E863F

Now, here is what gnupg does when the 'incorrect' passphrase is given for the 
symmetric part:

V:\gnupg>gpg e:\de1.txt.asc

gpg: armor header: Version: GnuPG v1.4.15 (MingW32)
gpg: armor header: Comment: Acts of Kindness better the World, and protect the S
:pubkey enc packet: version 3, algo 1, keyid 506F4FA1D35FB186
        data: [4095 bits]
gpg: public key is D35FB186

You need a passphrase to unlock the secret key for
user: "vedaal nistar (previous addresses were spam flooded) <ved...@nym.hush.com
4096-bit RSA key, ID D35FB186, created 2008-01-22

gpg: Invalid passphrase; please try again ...

You need a passphrase to unlock the secret key for
user: "vedaal nistar (previous addresses were spam flooded) <ved...@nym.hush.com
4096-bit RSA key, ID D35FB186, created 2008-01-22

gpg: Invalid passphrase; please try again ...

You need a passphrase to unlock the secret key for
user: "vedaal nistar (previous addresses were spam flooded) <ved...@nym.hush.com
4096-bit RSA key, ID D35FB186, created 2008-01-22

:symkey enc packet: version 4, cipher 10, s2k 3, hash 8, seskey 256 bits
        salt 4d55b202f01ee267, count 65536 (96)
gpg: TWOFISH encrypted session key
:encrypted data packet:
        length: 71
        mdc_method: 2
gpg: encrypted with 1 passphrase
gpg: encrypted with 4096-bit RSA key, ID D35FB186, created 2008-01-22
      "vedaal nistar (previous addresses were spam flooded) <ved...@nym.hush.com

:symkey enc packet: version 4, cipher 10, s2k 3, hash 8, seskey 256 bits
        salt 4d55b202f01ee267, count 65536 (96)
gpg: TWOFISH encrypted session key
Enter passphrase:

gpg: public key decryption failed: bad passphrase
gpg: encrypted with unknown algorithm 163
gpg: decryption failed: unknown cipher algorithm

(the passphrase used was: 12345)

Now here is the last part of the error message when a 'different incorrect' 
passphrase ( boo)  is used:

gpg: public key decryption failed: bad passphrase
gpg: encrypted with unknown algorithm 231
gpg: decryption failed: unknown cipher algorithm

Why does gnupg give these types of error message, as opposed to simply stating  
'decryption failed: bad passphrase' ??

What kind of relationship is there between the number listed for the 'unknown 
algorithm' and the passphrase string that was given,
and might this be used in any way to try attack gnupg by determining the length 
of the passphrase or the correctness of any character in the string ?


Gnupg-users mailing list

Reply via email to