Recovery of PCSECURE files and bogus GnuPG algorithms

john clark lurq_gnupg@yahoo.com
Wed Jun 19 06:13:02 2002


hi guys,

the following is a record of correspondence that took place
between my friend and Mr. Zimmermann last June 10.

My friend was asking PRZ for some help with an old DOS
encryption program he was having problems with.

He encrypted the message to PRZ using gpg, but some of
the gnupg options were altered, like tiger loaded,
cipher-algo twofish, digest-algo tiger192, etc...

PRZ was unable to decrypt the message. The email
messages follow.

=======================================================

From: Philip Zimmermann <prz@mit.edu>
To: "John Edward R. Mallen" <trauma@surgical.net> 
Subject:  Re: Recovery of PCSECURE files and bogus
GnuPG algorithms 
Date:  Mon, 10 Jun 2002 10:35:17 +0200 


Sorry, Jed, I have no experience with PCSECURE.  Never used it or even
seen it.  You might have to hire a consultant to spend the time looking
into the matter.  I could spend some time on it, but that would run you
$2000/day.

There are companies that specialize in this kind of data recovery.  One
is AccessData, which I presume might use accessdata.com as its web
address.  I can't check if that is the right URL now, because I'm on a
plane high above Bangkok at the moment.  I'll upload this email when I
reach Perth.

Changing the subject-- I'm curious how you generated the earlier
message to me, the one that had a bad session key due to using the
wrong algorithm in GnuPG.  Exactly what GnuPG settings did you use to
generate that message?  You had to override my own public key's
settings to generate that message with that algorithm.  How did you do
that?

I noticed this time you left off the GnuPG version labels, which are
purely cosmetic.  Were you worried that they would somehow offend me
for not using the real PGP?  Believe me, it was not a question of what
product you were using.  It was a question of using a nonstandard
algorithm within the product.

Regards,
Phil


On Friday, June 7, 2002, at 04:12  PM, John Edward R. Mallen wrote:

> ....
>
> 	How can I go about this task?
> 	
> 	Thanks.
>
> - jed
>
>
> -----BEGIN PGP PUBLIC KEY BLOCK-----
>
> mQGiBDko8IQRBADdu9tQ6Ok1dSByiX+NB6UrK4qk1PLrMSCq+5TnJ+JnBFpLS++3
> LTDTrBNajowm/ImOkdvxrvlhMrZmZ20Tm1qJyLx0PjTSb962fxnBSLocmuC08YV5
> gurFzb2a7ngcd/8owPbgYtVDFhCxeNnu+Zo6FC8GmsuycSS0lHXb8W7xFwCgzLcB
> 5DKPRtTe/peoB/hZardZauED/jKY/dS6In5PjtM5GegwjSHRgse1nAGUXL4HAdvz
> /yCa5dg8KcBVNLTZ5jg+iIoagoRxIBD4hj7QQtgVPrB5gq5ymLjVcY06pxobl54C
> btRHJLsMfZUvxIcdWChRo+C6RYkT8IpWsT++CqjcCWfYhNW1c2A31aEQfDt7H5WN
> VmDtA/9oDzIfBh35SHgiOJbsxajHxuyo2RnEkku9NUXZ8D3oqU+svGhQGhksOkWw
> S9w/1THdo3kshHg0bWMykkC/4R3INzk283o/JYIxG39BNxWcdrCvPbof9BYMjyh2
> fkBCYDZN5/KEyr3x0vcxiXL950rLJgVWMpeV3TZ3tDPjNfVfJLQjSmVkIFIuIE1h
> bGxlbiA8dHJhdW1hQHN1cmdpY2FsLm5ldD6IXAQTEQIAHAIeAQIXgAcLCQgHCgME
> AxUDAgMWAQIFAjko8IYACgkQluOtB0iIhFjTIwCdGKqeySZA/Xr23EXYRn1NWrpg
> 05gAn2sdc06lAZrYLwlWmgozTDuaJojruQMNBDko9vgQDADKcCHxPqyVgF/LFkqT
> hMQbL+PkO7az8KCYYKFO84LsTVZ8/N37YadXJSpsy0s86aTZ/ahNzoqLWIwInOrt
> OFft7fbT9wmBvAUJB7tTinNNhMA96jSgIgJFrjXqqP0w7/JJYhsirAFmKh9Yp1mn
> U+Yvoolxf1ioTesEXetUGie9l1PlgQuxu41av+EmoF2igiKxlmvZZQiJkX0/GaQ4
> 1CC5oqFbnDdAKD4pVZHOo1pBIMvvFudbFr2GZTEEQSZ2+mJ41ozJgAVjeiFNt1kj
> v5lLROYbgE/NMqDZKyaiDjzza/gfvwIYeg4QlMxOPn8TWQdOutZ3V5DiKZ7XOLtx
> 4VpUCCT5zGPbrtU7p34sQfFNF4sDxd7c+mWtn3rJDieH/x7P+7WE2HgZ31hNPHeU
> HWlPs/VJ84+CswB24s3Bj6Rbvuy9J4u3aNmm8Mi+qGf35f0rfjHYOZuC+lMGBIOp
> bjkywncD99c6jAlP4FqKLHoSIZRqcKKF2jrI/CVin7MYbksAAwUL/inihvRKrbhC
> q616GrKRndhj8H6bde4sjcVvJ/PWFxbgdupHP4oa8IVjXxjSBA0Y4i8gGcUIZviF
> FWzJ+rS5hvqbA6lnpzGCBB9Z1K8fEN60Kk1LXOaq2SaYHKfW4+BV7brlnQZJifsX
> z2TBoO+WeZ4eBY/C/wfq8E1Fbgqcst/zBdAJpujTzDutBDjd9TItMP9GuY1RrNEl
> cMMjj/JCgYp0i+RvGMHnBx3ft8BMDQ1Oe4rb2Cm0nIDI2nVwsWKo0N8xt4hjoclR
> 6KnpTHeIBUKtX/WIrc+VbEYNfYJuzhvKrcPeQ8miobX7swufKP2zp7YQFKIDz5Tj
> 1wDkDXRp1CRVtuJgpTnhrWABdC3DZ2031+QXdTgDlJMa44TRpvAYvvdFavFZ/LyC
> V6XPIaun02Kw4ng8DGprn6jbGnKHZa8RFXBHbP0izEYr9TolRVaNCI6pv+PIJYUY
> MXa3FCjVluLfLI5WnMjRpMM6KXDwOYtza30vv1RsShfNPOtSgI4Bc4hGBBgRAgAG
> BQI5KPb4AAoJEJbjrQdIiIRYH3EAoJKy28HpALXp+7Ts5k8lg3+JEpkxAJ9C3Bno
> cKjsKsQZ5rn2cl5ZgmeJQQ==
> =bFd0
> -----END PGP PUBLIC KEY BLOCK-----
>
>

Philip R Zimmermann        prz@mit.edu
http://philzimmermann.com  tel +1 650 322-7377
(spelled with 2 n's)       fax +1 650 322-7877


 
=================================

my subsequent lame reply...


>> Sorry, Jed, I have no experience with PCSECURE.  Never used it
>> or even seen it....
>
> Thank you sir, but I've decided to just learn 8086 asm or anything
> that'll help me open this encrypted file. I don't really know how
> I'm supposed to go through with this but even if I can't be
> successful in this endeavor, there's no loss in learning something,
> right? Wish me luck :)
>
>> Changing the subject-- I'm curious how you generated the earlier
>> message to me, the one that had a bad session key due to using the
>> wrong algorithm in GnuPG.  Exactly what GnuPG settings did you use
>> to generate that message?  You had to override my own public key's
>> settings to generate that message with that algorithm.  How did
>> you do that?
>
> I'm currently using GnuPG 1.0.7.
> My ~/.gnupg/options file at the time I encrypted that message
> has the following settings:
>
> #--------------------
> default-key jed
> load-extension tiger
> cipher-algo twofish
> digest-algo tiger192
> #--------------------
>
> Maybe it overrode your public-key algo preferences, although I'm not
> sure if it can do that. Probably not. For sure I cannot change your
> preferred algorithms because I don't have your secret key.
>
> Must be that I encrypted the message to your pubkey but it also
> encrypted it to my key because of the default-key preferences. But
> in this case you can still decrypt the message, right? I tried
> decrypting the cipher text but I can't. stderr says I don't have
> your secret keys.
>
> BTW, my preferences for the key I used were, I think,
> S10 S9 S8 S7 S3 S4 S2 H2 H3 Z1 Z2
> though I'm not really sure because I already changed it to have
> Rijndael256, Rijndael192, and Rijndael after reading on the AES
> contest some.
>
>
>> I noticed this time you left off the GnuPG version labels, which
>> are purely cosmetic.  Were you worried that they would somehow
>> offend me for not using the real PGP?
>
> A bit, yes. I emailed you sometime in 1998 about how great PGP was
> after using it for the first time. I asked you to send me an
> encrypted email. You said you were busy but you still replied, which
> was a big thing for me. Someone who I hold in high regard (like a
> rockstar of some sort) sends me email. I was so naive at that time.
> I don't know if you still remember that. Probably not.
>
> I still use PGP 6.5.8 on my other linux box. I just like to play
> with GnuPG because it gives me more room to fool around with crypto.
>
>> Believe me, it was not a question of what product you were using.
>> It was a question of using a nonstandard algorithm within the
>> product.
>
> I'm confused by this. By standard do you mean OpenPGP or just PGP?
>
> Can I ask you some more questions?
>
> Do you keep in touch with the GnuPG people?
>
> If Twofish or some other cipher algorithm is not used in PGP, does
> it mean that you think this algorithm is weak?
>
> Or just that it is not designed as well as AES but is still secure
> in itself?
>
> THANK YOU SO MUCH Mr. Zimmermann. You don't know how much it means
> to me to correspond with you. Thank you for not having a large ego
> and being so down to earth.
>
> - Jed
>
>
>
> --


=======================================================================
and his answer....

From: Philip Zimmermann <prz@mit.edu>
To: "John Edward R. Mallen" <trauma@surgical.net> 
Cc:   
Subject:  Re: Recovery of PCSECURE files and bogus
GnuPG algorithms 
Date:  Tue, 18 Jun 2002 23:14:44 +0800 


I am paying $10/minute to type this reply from Tokyo, so I don't have
time to tutor you from my hotel room.

Just follow my advice without explanation:  Eliminate all algorithms
from your preferences that are not supported by the real PGP.

Eliminate any hashes except SHA1, no other hashes.  Also eliminate
Elgamal signatures (but leave Elgamal encryption).  Eliminate
Blowfish.  Eliminate TIGER stuff.

I can't spend another $30 to explain why.  Just do it, if you value
expert advice.

------------------------------------------------------
Philip R Zimmermann        prz@mit.edu
http://philzimmermann.com  tel +1 650 322-7377
(spelled with 2 n's)       fax +1 650 322-7877


=========================

Would it be advisable for my friend to follow PRZ's advice and just
use the PGP algorithms? What if my friend wants twofish more? Then
people like PRZ won't be able to read his email, right?

What do you guys think? I think PRZ should get down from his high
horse and stop sour-graping about GnuPG.
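What went wrong in the thread, as an added example (this is not code from the original posts, from GnuPG or from PGP): an OpenPGP key advertises the symmetric ciphers, hashes and compression algorithms its owner's software implements (the "S10 S9 ... H2 H3 Z1 Z2" string Jed quotes), and an encrypting implementation is supposed to pick from the intersection of every recipient's list. GnuPG's `cipher-algo` and `digest-algo` options force an algorithm regardless of that negotiation, which is how a Twofish/TIGER192 message reached a PGP installation that never advertised either. The model below parses a preference string, performs the RFC 2440 negotiation, extracts what an options file like Jed's forces, and prunes a preference string the way PRZ's second mail asks. The `PRZ_KEY` string is constructed for the example (the real key's preferences are not on the page), and the function names and the `DROP_FOR_PGP` set are mine, encoding the thread's advice rather than any PGP version's actual feature set.

```python
"""Model of OpenPGP (RFC 2440) algorithm-preference negotiation.

Added example for this thread, not code from the original posts or
from GnuPG/PGP.  It shows why `cipher-algo` / `digest-algo` in a GnuPG
options file can yield a message the recipient cannot decrypt: the
recipient's key advertises which algorithms it implements, and a forced
algorithm bypasses that negotiation.
"""

# RFC 2440 algorithm ids, as written in GnuPG preference strings
# (S = symmetric cipher, H = hash, Z = compression).
NAMES = {
    "S": {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "Blowfish",
          7: "AES", 8: "AES192", 9: "AES256", 10: "Twofish"},
    "H": {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 6: "TIGER192"},
    "Z": {0: "Uncompressed", 1: "ZIP", 2: "ZLIB"},
}
# RFC 2440 treats these as implicitly present at the end of every list.
IMPLICIT = {"S": 2, "H": 2, "Z": 0}
# GnuPG options whose value forces an algorithm regardless of recipients.
FORCING_OPTIONS = {"cipher-algo": "S", "digest-algo": "H", "compress-algo": "Z"}


def parse_prefs(prefstring):
    """'S10 S9 H2 Z1' -> {'S': [10, 9], 'H': [2], 'Z': [1]}, order kept."""
    prefs = {"S": [], "H": [], "Z": []}
    for token in prefstring.split():
        kind, num = token[0].upper(), int(token[1:])
        if num not in NAMES[kind]:
            raise ValueError("unknown algorithm id %s" % token)
        if num not in prefs[kind]:
            prefs[kind].append(num)
    return prefs


def negotiate(kind, recipient_prefs, forced=None):
    """Pick the algorithm of `kind` for a message to all `recipient_prefs`.

    Returns (algorithm name, ok).  Without `forced`, the choice is the
    first algorithm in the first recipient's list that every recipient
    supports (the implicit default always is), so ok is True.  With
    `forced` (the id set by cipher-algo / digest-algo), ok is False when
    some recipient never advertised it: that recipient may be unable to
    read the message, which is what happened in the thread.
    """
    lists = [parse_prefs(p)[kind] + [IMPLICIT[kind]] for p in recipient_prefs]
    common = set(lists[0]).intersection(*lists[1:])
    if forced is not None:
        return NAMES[kind][forced], forced in common
    chosen = next(a for a in lists[0] if a in common)
    return NAMES[kind][chosen], True


def forced_algos(options_text):
    """Algorithms a GnuPG options file forces, e.g. {'S': 10, 'H': 6}."""
    by_name = {k: {v.lower(): i for i, v in t.items()} for k, t in NAMES.items()}
    forced = {}
    for line in options_text.splitlines():
        line = line.split("#", 1)[0].strip()
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0] in FORCING_OPTIONS:
            kind = FORCING_OPTIONS[parts[0]]
            forced[kind] = by_name[kind][parts[1].strip().lower()]
    return forced


def prune_prefs(prefstring, drop):
    """Remove the preference tokens in `drop`, keeping the original order."""
    prefs = parse_prefs(prefstring)
    kept = ["%s%d" % (k, a) for k in "SHZ" for a in prefs[k]
            if "%s%d" % (k, a) not in drop]
    return " ".join(kept)


# Jed's key preferences and options file, as posted in the thread.
JED_KEY = "S10 S9 S8 S7 S3 S4 S2 H2 H3 Z1 Z2"
JED_OPTIONS = """default-key jed
load-extension tiger
cipher-algo twofish
digest-algo tiger192
"""
# Constructed stand-in for a PGP-6-era key that lacks Twofish and Tiger.
PRZ_KEY = "S3 S2 S1 H2 Z1"
# PRZ's advice as data: drop Blowfish (S4), every hash but SHA1, and
# Tiger (H6).  Elgamal signing is a key type, not a preference token, so
# it is not modelled.  This encodes the advice, not PGP's feature set.
DROP_FOR_PGP = {"S4", "H1", "H3", "H6"}

if __name__ == "__main__":
    forced = forced_algos(JED_OPTIONS)
    print("negotiated:", negotiate("S", [PRZ_KEY, JED_KEY]))
    print("forced:    ", negotiate("S", [PRZ_KEY, JED_KEY], forced["S"]))
    print("forced:    ", negotiate("H", [PRZ_KEY, JED_KEY], forced["H"]))
    print("pruned key:", prune_prefs(JED_KEY, DROP_FOR_PGP))
```

Run as a script it prints the cipher the two keys would have agreed on (CAST5, with the constructed `PRZ_KEY`) next to the forced Twofish and TIGER192 choices that no recipient list contains. Encrypting to both keys, as Jed's `default-key` line did, does not rescue the message: the negotiation is the intersection, so the forced algorithm is still outside what PRZ's key advertised. Removing `cipher-algo` and `digest-algo` from the options file is enough to restore negotiation; pruning the key's own preferences, as in `prune_prefs`, only matters for what others send back.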


