File Share Encryption

Strange problem over here.

We store some PGD-files in aus SAN, protected with public key.

Opening those files, using PGP v8.x, works fine, opening using PGP v10 fails.

Why? Had a look at the properties of the PGD-files with two PGP-installations (v8.x and v10.x) using the same pub- and secring. The shown names/key ids are different!

The administrator's key (shown bold) is shown in v8 using the matchin realname and 0x7B38786C, in v10 it's shown as unknown user and 0x38D3AD89. - same PGD, same key rings, same user, different PGP versions.

How to solve this problem? Some user have to switch to v10, as Wndows 7 is used, some still prefer v8 with Windows XP.

Any help appreciated!

Please compare the key fingerprints in the two installations.  These will not be different if the same keys are actually in both installations.  Please also right click on each key in each installation, select Properties, and make sure that Validity is set to Implicit.  I'd also suggest right clicking on All Keys in both installations, select Propeties, and make sure that you are actually using the keyrings you mean to be using.

Thanks, Tom, but that doesn't help. - Why? The PGD-properties opened with v10 show three unknown keys with unknown ids. Same PGD opened with v8 show three known keys withs three known ids.

Yes, the key files secring & pubring are identical.

PGP v8 is used on WIndows XP (with a virtualized machine, using VMware ESX), PGP v10 is used with WIndows 7 on a physical box.

It's not only one installation with this problem, but at least three new installed notebooks, too.

Might you be using an earlier 10.x version than 10.0.3, and have your keyrings other than at the default My Documents locatioin?

Just updated today to 10.1.1 (Build 10) (PGP.SDK 4.0.1) without any change.

Yes, the key files are not stored on the PC, but on USB-card. No difference if U3 is used or not.

By "USB card" do you mean the private keys are on a smart card?  Or do you mean that you have a USB flash drive and the public and private keyrings are stored on the flash drive?

Both keyring files are stored on a) Freecom USBcard 128 MB and/or b) SanDisk Ultra Cruzer 8 GB (using U3). - The two devices are used for work and as backup, the files on both are identical, the key properties including fingerprints et all are identical.

I don't see, why we are looking at the key files.

The PGD files properties show different key ids when opened with v8 or v10!

Even if my keyring files would be completely different, and didn't include the proper keys: the PGD file PGP properties should/must show absolute identical key ids, shouldn't they?

I compared everything, including settings (AES-256, twofish). Shown the same, but different key ids.

Are these RSA legacy keys?  And would you mind posting one of the public keys here?  Thanks.

So the KeyIDs of your actual PGP keys are the same and correct when used in either PGP Desktop 8 or PGP Desktop 10, but the issues are:

- You can't mount the Virtual Disk in PGP Desktop 10, and

- The Virtual Disk User Access as shown in Desktop 10 gives a different KeyID and an unknown user.

Which exact version of PGP Desktop 8 are you using?

Hi David,

you got the situation clear!

The v8.0.1 of PGP is on the XP box, which can open the PGD files.

The Virtual Disk User Access as shown in Desktop 10 gives a different KeyID and an unknown user

All of our PGD files show the same problem, it's not only one but all. It's not only one key id in the User Access but all.

Bye / Ralph

I could not reproduce this issue (though my setup is not identical to yours).

In Desktop 8.0.2 I generated three keys (DH/DSS, RSA, RSA legacy).  I created two virtual disk files (CAST5 and AES256).  I added all three key users to the disks.

I copied the keys and keyring files and disk files to a PGP Desktop 10 installation.  I set my keyrings to be the keyring files, and the disk properties show correctly and I can mount either disk.  I also tried importing the keys into my (original) keyrings and could similarly see the correct properties and mount the disks.

Can you provide any more details?  Thanks.

Hi David,

took my XP box with PGP 8.0.1 and created a new key file for test with a new private key. Created a new 100 MB PGD file and added the key.

Moved PGD and key ring from harddisk to USB flsh drive.

Opened key file with 8.0.1 and opened PGP disk editor. I took screen shots and will attach the file.

Did the same with my Windows 7 x86 box and took screen shots too.

Same problem: I cannot open the disk with v10.1.1 and a different key id is shown.

Attachment(s)

PGP-problem.pdf   252 KB 1 version

Hi David,

what's going on with this issue? Waiting quite a long time for an answer.

1. Keyrings must be imported

2. Keyrings cannot be stored on flash drive any longer

Changed this and all worked fine.