Re: GPG signature verification problem?
On Wed, 18 Apr 2007 22:59, [EMAIL PROTECTED] said:

> Interestingly, with GPGol both signatures verified correctly!

It uses MIME parser code I wrote and thus there is some chance that it actually worked ;-)

> While attempts to use GPG4Win directly (open the email piece and run GPG4Win on the Current Window) fail with BAD signature.

What do you mean by running Gpg4win directly? Running the GPA, WinPT or GPGee?

Salam-Shalom,
Werner

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
RE: GPG signature verification problem?
> > Interestingly, with GPGol both signatures verified correctly!
> It uses MIME parser code I wrote and thus there is some chance that it actually worked ;-)

Yes it worked! :-)

> > While attempts to use GPG4Win directly (open the email piece and run GPG4Win on the Current Window) fail with BAD signature.
> What do you mean by running Gpg4win directly? Running the GPA, WinPT or GPGee?

Specifically I ran WinPT - the part of it which allows Decrypting/verifying contents of the current window.

Thank you!

*** Bear Stearns is not responsible for any recommendation, solicitation, offer or agreement or any information about any transaction, customer account or account activity contained in this communication. ***
Re: GnuPG return codes
On Wed, 18 Apr 2007 20:04, [EMAIL PROTECTED] said:

> Where can I find a list of the program return codes? The man page describes 0 (success), 1 (bad signature), and other error codes for fatal errors. What are the other return codes?

Don't rely on the return codes; they are not well defined. Use the status interface to get hands on the result. An exception is gpgv which is guaranteed to return success if the signature is good and trustworthy.

Shalom-Salam,
Werner
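The advice above, worked through as an added example (not code from the list or from GnuPG): a Python parser that takes its verdict from `--status-fd` lines rather than the exit code, and that keeps a wrong signature (`BADSIG`) apart from one that could not be checked because the key is missing (`ERRSIG`/`NO_PUBKEY`). The outcome labels, the `Verdict` class and every key ID, fingerprint and name in the samples are constructed for illustration.

```python
import subprocess
from dataclasses import dataclass, field

PREFIX = "[GNUPG:] "
# Keywords from GnuPG's doc/DETAILS; each takes the key ID as first argument.
WRONG = {"BADSIG"}                            # data does not match signature
UNCHECKED = {"ERRSIG", "NO_PUBKEY"}           # could not be checked at all
STALE = {"EXPSIG", "EXPKEYSIG", "REVKEYSIG"}  # correct, but expired/revoked
TRUST = {"TRUST_UNDEFINED", "TRUST_NEVER", "TRUST_MARGINAL",
         "TRUST_FULLY", "TRUST_ULTIMATE"}

@dataclass
class Verdict:
    outcome: str = "no-valid-signature"
    key_id: str = ""
    fingerprint: str = ""
    trust: str = ""
    seen: list = field(default_factory=list)

def parse_status(text):
    """Fold status lines into one verdict; a problem keyword beats GOODSIG."""
    v = Verdict()
    for line in text.splitlines():
        if not line.startswith(PREFIX):
            continue  # human-readable chatter: never parse it
        keyword, _, rest = line[len(PREFIX):].partition(" ")
        args = rest.split()
        if keyword in WRONG | UNCHECKED | STALE | {"GOODSIG"}:
            v.seen.append(keyword)
            v.key_id = args[0] if args else v.key_id
        elif keyword == "VALIDSIG" and args:
            v.fingerprint = args[0]
        elif keyword in TRUST:
            v.trust = keyword
    seen = set(v.seen)
    if seen & WRONG:
        v.outcome = "bad"
    elif seen & UNCHECKED:
        v.outcome = "unchecked"
    elif seen & STALE:
        v.outcome = "stale"
    elif "GOODSIG" in seen and v.fingerprint:
        v.outcome = "good"
    return v

def verify(sig_path, data_path):
    """Run gpg with status lines on stdout; its exit code is ignored."""
    cmd = ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, data_path]
    done = subprocess.run(cmd, capture_output=True, text=True)
    return parse_status(done.stdout)

# Constructed samples (key ID, fingerprint and names are made up).
FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
GOOD = f"""gpg: Good signature from "Example Signer"
[GNUPG:] GOODSIG 89ABCDEF01234567 Example Signer <signer@example.org>
[GNUPG:] VALIDSIG {FPR} 2007-04-19 1176984000 0 4 0 1 2 00 {FPR}
[GNUPG:] TRUST_ULTIMATE"""
BAD = "[GNUPG:] BADSIG 89ABCDEF01234567 Example Signer <signer@example.org>"
NO_KEY = """[GNUPG:] ERRSIG 89ABCDEF01234567 1 2 00 1176984000 9
[GNUPG:] NO_PUBKEY 89ABCDEF01234567"""

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("bad", BAD), ("no key", NO_KEY)):
        print(name, "->", parse_status(sample))
```

A caller would normally also require a minimum `trust` value and pin the expected `fingerprint` before acting on a "good" outcome.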
Re: Quantum computing (Robert J. Hansen)
Message: 4
Date: Wed, 18 Apr 2007 19:56:48 -0500
From: Robert J. Hansen [EMAIL PROTECTED]
Subject: Re: Quantum computing

> Brute-forcing a 128-bit cipher using a traditional computer is a ridiculous proposition, but using Grover's, it becomes as hard as brute-forcing a 64-bit cipher... hard, but possible.

> So the best way to defend against exhaustive key search in a quantum world is to either (a) trust that quantum computing is going to remain in just a couple of years for the next few decades (which may very well be true), or (b) multiply your key sizes by a factor of 2.

> The principal reason why AES supports a 256-bit key is because of the possibility of quantum computing and Grover's algorithm. Brute-forcing a 256-bit cipher with Grover's is as hard as brute-forcing a 128-bit cipher with a conventional computer... absolutely ridiculous. :)

am not familiar with quantum physics, but do have some math background

please confirm if i have understood your post correctly to imply that if someone uses a straight diceware passphrase (choosing words as they appear in the diceware list without alteration, so that a brute force dictionary attack using a diceware word list is possible) to protect a message encrypted symmetrically with a 256 bit algorithm, then quantum computing could crack the passphrase even if it consisted of 10 diceware words, and that in order to achieve passphrase security at the 128 bit level a 20 word diceware passphrase would be necessary ?
=[begin background calculations]=

a diceware word list has 7776 possibilities,

7776 = 6^5 (5 dicethrows, 6 possibilities each)
7776 = [(2)(3)]^5
2^(1.58) < 3 < 2^(1.59)
(2)(3) = (2)(2^[1.58]) = 2^[2.58]
(7776) = [(2)(3)]^5 = [2^(2.58)]^5 = 2^(12.9)

so, to find the number of diceware words that would provide equivalent security to a 128 or 256 bit symmetrical algorithm, we do

(7776)^x = 2^128 and (7776)^y = 2^256

which becomes

2^[(12.9)x] = 2^128 and 2^[(12.9)y] = 2^256

so the closest integral values for x and y are 10 and 20 respectively (whether the 1.58 or 1.59 exponents are used)

=[end background calculations]=

so, back to the quantum issue, does this mean that if quantum computing ever becomes functional to where a 128 bit symmetrical cipher is feasibly attackable, then symmetrically encrypted messages, sda's, etc. using 10 diceware words or less, are similarly attackable?

tia,
vedaal
Re: Batch Mode and decrypt
If the passphrase is passed in as a parameter to the script, the passphrase will be clearly visible in the process list (on Unix/Linux) (via the ps command).

To be honest, there is really no way to properly secure a passphrase for an automated system if the passphrase exists anywhere on that system. All users with root access will be able to get to the private key through some means. If you are not worried about users with root access, then you don't need to encrypt the private key, since non-root users won't be able to read the secret key in the process's home directory.

It's a chicken-or-egg situation. If you can trust the root users, you are better off keeping it simple and just not using an encrypted private key. If you cannot trust the root users, you should not trust the system at all.

On Apr 19, 2007, at 8:33 AM, jane grove wrote:

> Thank you guys. Both the cat pipe way and the way work well.
>
> David, yes you made a very good point of not hard-coding the passphrase or its file name. In my current script, I have a variable to hold the passphrase file name. The actual file name is passed in as a parameter when I call the script from another command outside the script. If an attacker opens the current script, s/he won't see the actual passphrase or its file name, s/he will only see the variable name. The passphrase is stored in a separate place.
>
> I am thinking of better ways to secure the passphrase and automate the jobs at the same time. I appreciate everyone's input.
>
> Jane
>
> On 4/14/07, David Shaw [EMAIL PROTECTED] wrote:
>
> > On Sat, Apr 14, 2007 at 10:23:24PM -0500, jane grove wrote:
> >
> > > Hello, I am trying to use the GnuPG command decrypt in batch mode (i.e. in a script). When I use the option --batch, I don't have a way to enter the user id or passphrase.
> >
> > Look at the --passphrase-fd, --passphrase-file, or --passphrase options. They are all in the manual, and can be used to provide a passphrase during batch operation.
> >
> > However, if you are including the passphrase in a script, it is worth asking yourself if there is any security benefit in having a passphrase-protected key at all. After all, an attacker who gets access to the script needs merely to read it to know the passphrase.
> >
> > David
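The process-list exposure described in this message, as an added example that is not part of the thread: a Python check that starts a stand-in child process (not gpg) once with a constructed passphrase as a `--passphrase` argument and once feeding it over a descriptor in the style of `--passphrase-fd 0`, then reads the child's argument vector from Linux `/proc` the way `ps` does. The helper names and the passphrase value are constructed, and `/proc` readable by other local users is assumed (the Linux default).

```python
import os
import subprocess
import sys

SECRET = "constructed-passphrase-not-real"
# Stand-in child: ignores its arguments and waits for stdin to close, the way
# a batch job sits in the process table while it works.
CHILD = [sys.executable, "-c", "import sys; sys.stdin.read()"]


def visible_args(pid):
    """Argument vector of pid as exposed through /proc (what ps prints)."""
    with open(f"/proc/{pid}/cmdline", "rb") as fh:
        raw = fh.read()
    return [a.decode(errors="replace") for a in raw.split(b"\0") if a]


def leaks(extra_args, stdin_data):
    """Start the child and report whether SECRET is in its visible arguments."""
    proc = subprocess.Popen(CHILD + extra_args, stdin=subprocess.PIPE)
    try:
        exposed = SECRET in visible_args(proc.pid)
    finally:
        proc.communicate(stdin_data)  # send data, close stdin, reap the child
    return exposed


def compare():
    """Return (leak_as_argument, leak_via_descriptor), or None without /proc."""
    if not os.path.exists("/proc/self/cmdline"):
        return None
    as_argument = leaks(["--passphrase", SECRET], b"")
    via_descriptor = leaks(["--passphrase-fd", "0"], SECRET.encode() + b"\n")
    return as_argument, via_descriptor


if __name__ == "__main__":
    print("(argument leaks, descriptor leaks) =", compare())
```

Passing the passphrase over a descriptor removes only the process-list exposure; as the message says, anyone with root on the machine can still reach it.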
Re: Quantum computing (Robert J. Hansen)
> please confirm if i have understood your post correctly to imply that if someone uses a straight diceware passphrase

I'm not going to talk about this for three reasons.

1. I've never used Diceware, so I can't talk intelligently about it.
2. The answer will depend a lot on implementation details. What s2k algorithm is being used? What algorithm is used to encrypt the secret key? What... etc., etc.
3. I've already explained why quantum computing is not something we need to worry about. Be far, _far_ more concerned with the physical security of your machine than any hypothetical developments in quantum computation.

We tend to obsess over quantum computing. We shouldn't. At this point in time it's science fiction.
OpenGPG card in different places ?
Hi,

I have an OpenGPG card and created the keys on the card. Encryption and signing work perfectly with enigmail. But when I try to access encrypted mails with enigmail from my PC at home, enigmail says that the secret key is not available. The card reader is the same, but how can I tell gpg that a key from the card has to be added to my keyring?

Could you help please?

Thanx.

Ciao
Matthias
Re: OpenGPG card in different places ?
John Clizbe wrote:

> Matthias Barmeier wrote:
>
> > Hi, I have an OpenGPG card and created the keys on the card. Encryption and signing work perfectly with enigmail. But when I try to access encrypted mails with enigmail from my PC at home, enigmail says that the secret key is not available. The card reader is the same, but how can I tell gpg that a key from the card has to be added to my keyring? Could you help please?
>
> just a hunch, try importing your card's public key on your home PC. IIRC, the public key contains a stub that tells GnuPG to look for the secret key on the card.

Ooops, just checked. Secret key on the keyring contains the stub. Export the public and secret parts of the card's key and import them on your home machine.

--
John P. Clizbe                      Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
what's the key to success? / two words: good decisions.
what's the key to good decisions? / one word: experience.
how do i get experience? / two words: bad decisions.
Just how do the residents of Haiku, Hawai'i hold conversations?
RE: GPG signature verification problem?
> You're getting Bad signature because gpg can't find the key.

I've imported the key manually, and the result is still the same (Bad signature). GPGol has no problem verifying signature over that same message in the same Outlook window.

> And it can't find it because the keyserver helper program is being blocked at your proxy server.

I've set the appropriate fields for HTTP proxy, including user name and password. WinPT still crashes on attempt to contact remote keyserver when I ask it to search for a key.

> If that doesn't work, you may either a) ask the Net-gods to open the keyserver port, 11371. Or, b) try to locate a keyserver operation on port 80.

Yes, both are reasonable things to do - but they don't apply to this one particular case.
Re: OpenGPG card in different places ?
Matthias Barmeier wrote:

> Hi, I have an OpenGPG card and created the keys on the card. Encryption and signing work perfectly with enigmail. But when I try to access encrypted mails with enigmail from my PC at home, enigmail says that the secret key is not available. The card reader is the same, but how can I tell gpg that a key from the card has to be added to my keyring? Could you help please?

just a hunch, try importing your card's public key on your home PC. IIRC, the public key contains a stub that tells GnuPG to look for the secret key on the card.

--
John P. Clizbe                      Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
what's the key to success? / two words: good decisions.
what's the key to good decisions? / one word: experience.
how do i get experience? / two words: bad decisions.
Just how do the residents of Haiku, Hawai'i hold conversations?
Re: Quantum computing
Hi,

On 200704181956, Robert J. Hansen wrote:

> Please bear with me. This is going to be long.

Introductory cryptography in the middle of the night. Why would I miss it? :) Thanks for answering.

> As mentioned, Grover's is the best we can do for quantum speedups to brute-forcing. Grover's algorithm is a technique for using quantum mechanics to search through a database of N entries in time proportional to the square root of N, using an amount of storage proportional to the logarithm of N. Now, that said, Grover's has limits. Its first constraint is that it doesn't make problems trivial. It just increases our ability to deal with them. Brute-forcing a 128-bit cipher using a traditional computer is a ridiculous proposition, but using Grover's, it becomes as hard as brute-forcing a 64-bit cipher... hard, but possible.

The executive summary being that increases in key sizes make traditional symmetric cryptography keep up with advances in quantum computing, such as Grover's algorithm for searching the keyspace.

Then... It would seem that quantum computers pose no threat to traditional cryptography -- helped by increases in key sizes...?

> Quantum computing poses no threat to symmetric cryptography. Asymmetric cryptography, however, gets a little funky. Shor's algorithm uses quantum mechanics to solve the integer factorization problem (and, I believe, the discrete logarithm problem) in extraordinary short time. The downside of Shor's is it requires an insane amount of memory--you need two qubits for each and every bit of the number you're trying to factor. So if you're trying to factor a 2048-bit RSA key, you need over four _thousand_ qubits. Our current largest quantum computer is about fifteen qubits.

Which I also remarked in the original post. However, when (if?) commercial interests grab a hold of quantum computing, huge leaps in cost of production perhaps could be achieved, making memory-rich quantum computers abundant -- at least, from my chair, there's no obstruction to this future. (?)

> If and when quantum computing develops to the point where a research lab gets a couple of hundred qubits together, the OpenPGP working group will almost certainly add asymmetric algorithms that are highly resistant to quantum computing.

Although this fight between attacking and defending computer security measures is probably inevitable -- no final solution will probably be found -- this pragmatism causes me to ponder the scenario in which something like Rice's theorem could be established for quantum computers' ability (or traditional computers' inability): Something that pops out of the blue and shatters all hope for traditional cryptography... Perhaps only in the long run, but still inevitably forces a move towards other measures of security.

It's somewhat a political issue, too. Not that it can be solved politically, but it has political consequences -- will cryptography (or computer security in a more general sense) once again be for those who can afford it? -- But leave that be. For now, it's technical.

> You're asking a very, very detailed and technical question that requires a ton of disciplined study just to learn the language needed to describe the boundaries of the problem. If you really want to know this material, you need to take a graduate-level course in computational theory and a strong undergraduate course in quantum physics. You'll also need enough background in mathematics not to go running screaming from the room when people start talking about Hadamard matrices and discrete Fourier transforms and everything else that goes along with it.

I'm already on it.

Regards,
skrewz.
Re: Quantum computing
> Which I also remarked in the original post. However, when (if?) commercial interests grab a hold of quantum computing, huge leaps in cost of production perhaps could be achieved, making memory-rich quantum computers abundant -- at least, from my chair, there's no obstruction to this future. (?)

Eh. I'm still unconvinced. It wasn't until last year that the final physics hurdle to large-scale QC was addressed (large systems have a strong tendency to near spontaneously decohere, turning your quantum computer into an expensive paperweight). We still have no idea how to apply this physics knowledge, however.

Just knowing that something is possible doesn't mean the ability to do it is around the corner. We can teleport atoms in laboratories at the speed of light and we know how to do it for macro-scale items, but the engineering difficulties are so large that I doubt we'll see it in our lifetimes.

While I agree that commercial development _may_ lead to developments in QC, I think it's equally likely that the engineering difficulties will be insurmountable. Which means that, from where I sit, we should just shrug and say we really can't say with any confidence what the future will or will not hold.

> found -- this pragmatism causes me to ponder the scenario in which something like Rice's theorem could be established for quantum computers' ability (or traditional computers' inability):

What do you mean? Rice's theorem applies to QC. Computational theory is computational theory. We've already got very robust mathematics to describe the computational properties of QC. We know that BQP is a superset of P, that it does not encompass NP-COMPLETE, that it has some overlap with NP, etc., etc.

It's true that in mathematics there could always be a proof delivered tomorrow by some hungry graduate student which will utterly shatter our knowledge of math as we know it. But this is true for all of mathematics. It's not as if this risk is special to QC. You should be just as concerned about the prospect of P=NP.
new (2007-04-15) keyanalyze results (+sigcheck)
New keyanalyze results are available at: http://keyserver.kjsl.com/~jharris/ka/2007-04-15/

Signatures are now being checked using keyanalyze+sigcheck: http://dtype.org/~aaronl/

Earlier reports are also available, for comparison: http://keyserver.kjsl.com/~jharris/ka/

Even earlier monthly reports are at: http://dtype.org/keyanalyze/

SHA-1 hashes and sizes for all the permanent files:

--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
[EMAIL PROTECTED] _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004