Endpoint Encryption

Hi,

PGP Server - Windows Server 2003
PGP Version - 10.2 build 283
Client Encryption tools - GPG 4 Win Version 2.1.0
File encrypted without ascii armor mode. File upload via Tectia File Transfer binary mode.

Scenario:
Client uploaded 2 files for us. Both file also return error when we try to decrypt using the following command:
pgp --decrypt *filename --overwrite remove

Error:
<3131:multiple PGP blocks found in single input stream>
<3090:operation failed, Modified data detected in integrity-protected encrypted data>

Tried dump packet with the follow result:
pgp --dump-packets LU0815T2.dat.gpg
Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes)
        New version(3)
        Key ID - 0x04783150B6239486
        Pub alg - RSA Encrypt or Sign(pub 1)
        RSA m^e mod n(2048 bits) -
     0: 80 7b cd c3 44 35 19 c0 65  cf a6 77 eb 34 c6 38  |.{..D5..e..w.4.8|
    16: 5b a0 fb 50 75 a7 fd 28 76  a7 4a ac 69 3b 02 3c  |[..Pu..(v.J.i;.<|
    32: 57 38 9d 55 ba 35 e3 8d c2  82 b7 3a 17 3d f1 d6  |W8.U.5.....:.=..|
    48: 08 6e 05 51 10 77 08 3c 69  00 16 03 f5 58 e7 a6  |.n.Q.w.<i....X..|
    64: 6f 3f 27 8c 7b bd a4 db ce  4a 39 8e a8 6c 02 03  |o?'.{....J9..l..|
    80: 03 c4 af 3f b4 aa 2a c3 ac  c9 58 2a f7 1a ab 0f  |...?..*...X*....|
    96: 4b 28 37 e4 69 c9 07 49 4c  97 25 69 c9 9f fe 64  |K(7.i..IL.%i...d|
   112: d1 28 ac 10 3f 98 2d 91 eb  d0 18 ba 06 33 ca c9  |.(..?.-......3..|
   128: a0 3c a4 17 df 66 4e df ae  7d 29 56 67 72 9e 75  |.<...fN..})Vgr.u|
   144: 02 9d 65 66 cb 91 62 ee 67  8a 43 0c d6 44 88 64  |..ef..b.g.C..D.d|
   160: e0 6c bf e1 4b 7f e6 94 2b  52 d1 b6 8a 80 ed 0b  |.l..K...+R......|
   176: 29 77 eb 11 f1 ec b3 27 95  14 b4 55 2f d6 37 78  |)w.....'...U/.7x|
   192: 9e 0c 02 b9 73 c4 9a 11 d0  65 3c 98 64 13 3f b4  |....s....e<.d.?.|
   208: d5 ca d4 a8 3c 73 59 c0 74  bf 28 53 ad 34 3a 5a  |....<sY.t.(S.4:Z|
   224: b9 4f aa 12 0c d8 83 a8 a3  b6 a0 1c 55 b7 c1 10  |.O..........U...|
   240: c4 4a b7 32 90 4d e2 5d 4b  79 89 38 1f 85 87 89  |.J.2.M.]Ky.8....|
                -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02
New: Symmetrically Encrypted and MDC Packet(tag 18)(8192 bytes) partial start
        Ver 1
        Encrypted data [sym alg is encrypted in the pub session key above]
                (plain text + MDC SHA1(20 bytes))
New:    (8192 bytes) partial continue
New:    (8192 bytes) partial continue
New:    (8192 bytes) partial continue
New:    (189 bytes) partial end
New: unknown(tag 49)(58 bytes)
Old: Reserved(tag 0)(114 bytes)
Old: Trust Packet(tag 12)(until eof)
        Trust -
LU0815T2.dat.gpg:dump packets (0:packets decoded successfully)

Attached the affected file as well.

How to fix this issue/avoid this issue in the future?

Appreciate any fast response as this is affecting our production file processing.

Thank you

Hi ahhann, Use hashing (MD5/SHA-1) to confirm the file integrity. If it was corrupted during transfer you will need to search an alternative method. Perhaps splitting the original (or the encrypted) file in smaller zip/rar archives or a slower transfer rate will help. Attempt to transfer the file at once without interrupting/resuming the data transfer. HTH, dcats

Hi,

 

We've found out the culprit. When our client triedto upload the encrypted file abc.dat.gpg, a similiar file with the same name already exist in the folder. Rightfully, the old file should be replaced by the newer upload of the file. However, we notice that both file was merged, hence resulting the multiple PGP file in one source.

Hi ahhann,

I found this quite interesting!
Thank you very much for sharing the findings.


Rgs
dcats