Endpoint Encryption

  • 1.  Help. Never seen this before

    Posted May 02, 2013 09:39 PM

    Hi,

     

     I am running pgp 6.5.8 on hp-ux 11i

    I gave a vendor my public key, they sent me a file encrypted with my key, but when I try to decrypt the file, I get this:

     

    ftg@fhprod20:/ftg/FROM_EQUIFAX/RCEV> pgp +force YP-DATAEXTRACT-CONSUMER-30-Apr-13to01-May-13.txt.pgp
    Pretty Good Privacy(tm) Version 6.5.8
    (c) 1999 Network Associates Inc.
    Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
    Export of this software may be restricted by the U.S. government.

    File is encrypted.  Secret key is required to read it.

    Key for user ID: ftg <ftg@fhprod20>
    1024-bit DSS key, Key ID 0x9AB7F38D, created 2011/01/13
    Key can sign.
    ftg@fhprod20:/ftg/FROM_EQUIFAX/RCEV>

    Yet, the file does not decrypt. I have been working with pgp for quite a few years now and I have never seen this before. Has anyone ever seen anything like this? I have tried a couple of different options such as -p as well as -o but still the same results.

    Thanks in advance,

    Joe



  • 2.  RE: Help. Never seen this before

    Posted May 02, 2013 11:34 PM

    6.5.8 is around 13 years old.  Since then, there have been a number of improvements in algorithms and hashes.  If the sender used any of these newer, more secure, improvements in the encryption, your PGP version would not be able to do the decryption.  If the sender wants to make this compatible with you, he/she could accomplish this by using a v3 RSA key, which current versions can still use, but cannot generate.  Another key that would be compatible would be a DH/DSS key allowing only SHA1 for the hash, key size not larger than 4096/1024, and key supporting only IDEA, 3DES, and/or CAST.  These suggestions will likely take care of the problem if the sending person is either signing the encryption or also encrypting to their key.
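
Added example, not part of the original thread and not code from any PGP product: a Python sketch that reads the unencrypted packet headers of a binary OpenPGP message (RFC 4880 framing) and reports which key ID and public-key algorithm it was encrypted to, so the receiver can compare that with the key types named in the reply above. The key ID in a tag 1 packet is that of the encryption key or subkey; the sample bytes, key ID and the function names are constructed for illustration.

```python
# Public-key algorithm IDs from RFC 4880 section 9.1 (18 is ECDH, RFC 6637).
PK_ALGOS = {1: "RSA", 2: "RSA encrypt-only", 16: "Elgamal (PGP 'DH')", 18: "ECDH"}
# Key types the reply names as usable: RSA, or the DH half of a DH/DSS key.
LEGACY_PK = {1, 2, 16}
DATA_TAGS = {9: "symmetrically encrypted data",
             18: "encrypted data with integrity protection (MDC)"}

def read_header(buf, pos):
    """Return (tag, body_start, body_len); body_len is None if open-ended."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("not a binary OpenPGP packet (dearmor ASCII input first)")
    if first & 0x40:                        # new-format header
        tag, o1 = first & 0x3F, buf[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + buf[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        return tag, pos + 2, None           # partial body lengths: stop walking
    tag, ltype = (first >> 2) & 0x0F, first & 3    # old-format header
    if ltype == 3:
        return tag, pos + 1, None           # indeterminate length
    size = 1 << ltype                       # 1, 2 or 4 length octets
    return tag, pos + 1 + size, int.from_bytes(buf[pos + 1:pos + 1 + size], "big")

def inspect_message(buf):
    """List recipients (tag 1 packets) and the kind of encrypted data packet."""
    report, pos = {"recipients": [], "data": None}, 0
    while pos < len(buf):
        tag, start, length = read_header(buf, pos)
        if tag == 1:                        # Public-Key Encrypted Session Key
            algo = buf[start + 9]           # follows version octet and 8-octet key ID
            report["recipients"].append({
                "key_id": buf[start + 1:start + 9].hex().upper(),
                "algo": PK_ALGOS.get(algo, f"unknown ({algo})"),
                "legacy_ok": algo in LEGACY_PK})
        elif tag in DATA_TAGS:
            report["data"] = DATA_TAGS[tag]
        if length is None:
            break
        pos = start + length
    return report

# Constructed sample: an old-format tag 1 packet addressed to a made-up Elgamal
# key ID, followed by a new-format tag 18 packet with a dummy 3-octet body.
SAMPLE = (bytes([0x84, 12, 3]) + bytes.fromhex("0123456789ABCDEF")
          + bytes([16, 0, 0]) + bytes([0xD2, 3, 1, 0, 0]))
```

The symmetric cipher and any signature hash are inside the encrypted part, so they cannot be read this way; those depend on the preferences stored in the recipient's public key, which is what the reply's second suggestion addresses.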



  • 3.  RE: Help. Never seen this before

    Posted May 02, 2013 11:57 PM

    Version 6 is also the old Network Associates (McAfee) version, and is not supported by Symantec Corporation.  We don't have any experience with it here.



  • 4.  RE: Help. Never seen this before

    Posted May 03, 2013 08:45 AM

    Thanks, that was very helpful. I had asked the vendor what version they are using, since I knew our version was old, just didn't think it was 13 years old, and that could have been the problem. I will definitely pass this info on to them and hopefully that resolves it. Unfortunately we just would not be able to upgrade at this current time since this is one process compared to the hundreds we have running and working.

    Thanks again,

     Joe



  • 5.  RE: Help. Never seen this before

    Posted May 03, 2013 09:27 AM

    Hi Joe,

    I hope my prior post does prove to be sufficient for your need.  If it does, please remember to come back and mark it as the Solution.