[Gnuk-users] Ed25519 for signing broken?
NIIBE Yutaka
gniibe at fsij.org
Thu Apr 2 08:52:33 UTC 2015
On 02/09/2015 08:27 PM, NIIBE Yutaka wrote:
> I wrote a message last month. Please refer:
>
> http://lists.gnupg.org/pipermail/gnupg-users/2015-January/052333.html
>
> Private key is encrypted by DEK (data encryption key) with AES. DEK
> is generated by random number generator.
>
> DEK is encrypted by a keystring, and this encrypted DEK is stored in
> flash ROM. Keystring is derived with s2k function (by salt and pass
> phrase).
>
> No keystring is stored in flash ROM (in Gnuk 1.1.x). Gnuk 1.0.x
> stores keystring in flash ROM temporarily.
>
> Well, I found a bug today in the function gpg_do_delete_prvkey in
> openogp-do.c (999-1011). It's possible keystring is stored in flash
> ROM there. I will fix soon.
No, it is not a bug. It was my description which was incorrect. Let
me clarify.
(1) In Gnuk 1.1.x, no keystring is stored in admin-less mode.
(2) In Gnuk 1.1.x, a keystring for admin is stored in flash ROM when
there is no private key registered in admin-full mode.
This keystring will be removed (and only becomes salt + key
length), when sining key will be registered.
This keystring will be recovered again, when sining key will be
removed.
--
More information about the gnuk-users
mailing list