Question #63186 “Error decrypting PGP files with IDEA encryption...” : Questions : Ubuntu Privacy Remix

Revision history for this message

Mark Preetorius (p-launchpad-privacy-cd-org) said on 2009-03-06:

#1

This question is already answered in bug 320883, please have a look at the bugtracker:

https://bugs.launchpad.net/upr/+bug/320883

Since using IDEA is crap anyway, another solution than adding IDEA support to gnupg could be to remove IDEA from your keys "preferred algorithms" list, export the public key again an give it to your communication partners that use NAI-PGP 7.0.3.
If your key does not state that you are IDEA capable, PGP 7 should not use it anymore when encrypting for you.

If you are familiar with the shell, you could have a look at your keys preferences inside "Ubuntu Privacy Remix" with

~$ gpg --edit-key <your_key_id>
Befehl> showpref

This should show you something like this (seeing your name I suppose your shell is german):

<your_key_name>
     Verschlü.: AES256, AES192, AES, CAST5, 3DES, [1]
     Digest: SHA1, SHA256, RIPEMD160
     Komprimierung: ZLIB, BZIP2, ZIP, nicht komprimiert
     Eigenschaften: MDC, Keyserver no-modify

[1] in the second line equates to IDEA, which the running System does not know. To set the preferences without IDEA you can tell gpg all desired algorithms in one line at the --edit-key-prompt, e.g. like this:

Befehl> setpref AES256 AES192 AES CAST5 3DES SHA1 SHA256 RIPEMD160 ZLIB BZIP2 ZIP Uncompressed MDC

Since you are making changes to your key, of course you will be prompted for your password. After this the "showpref" command should show the algorithm-list without IDEA, e.g.:

<your_key_name>
     Verschlü.: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA1, SHA256, RIPEMD160
     Komprimierung: ZLIB, BZIP2, ZIP, nicht komprimiert
     Eigenschaften: MDC, Keyserver no-modify

Now you can export your public key again and distribute it to your communication partners.
NOTE: As long as they use the key exported *before* you made the changes, their PGP will still use IDEA. This solution only fixes the problem if they reimport the newly exported key.

But that seems to be a complicated way. Maybe it would be easier to generate a new key with seahorse/gnupg inside the "Ubuntu Privacy Remix"-System. I would favor them over one generated with the closed-source NAI-PGP anyway.

This question is already answered in bug 320883, please have a look at the bugtracker:

https://bugs.launchpad.net/upr/+bug/320883

Since using IDEA is crap anyway, another solution than adding IDEA support to gnupg could be to remove IDEA from your keys "preferred algorithms" list, export the public key again an give it to your communication partners that use NAI-PGP 7.0.3. 
If your key does not state that you are IDEA capable, PGP 7 should not use it anymore when encrypting for you.

If you are familiar with the shell, you could have a look at your keys preferences inside "Ubuntu Privacy Remix" with

~$    gpg --edit-key <your_key_id>
Befehl> showpref

This should show you something like this (seeing your name I suppose your shell is german):

<your_key_name>
     Verschlü.: AES256, AES192, AES, CAST5, 3DES, [1]
     Digest: SHA1, SHA256, RIPEMD160
     Komprimierung: ZLIB, BZIP2, ZIP, nicht komprimiert
     Eigenschaften: MDC, Keyserver no-modify

[1] in the second line equates to IDEA, which the running System does not know. To set the preferences without IDEA you can tell gpg all desired algorithms in one line at the --edit-key-prompt, e.g. like this:

Befehl> setpref AES256 AES192 AES CAST5 3DES SHA1 SHA256 RIPEMD160 ZLIB BZIP2 ZIP Uncompressed MDC

Since you are making changes to your key, of course you will be prompted for your password. After this the "showpref" command should show the algorithm-list without IDEA, e.g.:

<your_key_name>
     Verschlü.: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA1, SHA256, RIPEMD160
     Komprimierung: ZLIB, BZIP2, ZIP, nicht komprimiert
     Eigenschaften: MDC, Keyserver no-modify

Now you can export your public key again and distribute it to your communication partners. 
NOTE: As long as they use the key exported *before* you made the changes, their PGP will still use IDEA. This solution only fixes the problem if they reimport the newly exported key.

But that seems to be a complicated way. Maybe it would be easier to generate a new key with seahorse/gnupg inside the "Ubuntu Privacy Remix"-System. I would favor them over one generated with the closed-source NAI-PGP anyway.

Revision history for this message

Mark Preetorius (p-launchpad-privacy-cd-org) said on 2009-04-17:

#2

Mark Preetorius suggests this article as an answer to your question:
FAQ #503: “OpenPGP”.

Revision history for this message

Mark Preetorius (p-launchpad-privacy-cd-org) said on 2010-10-28:

#3

.

Ubuntu Privacy Remix

Error decrypting PGP files with IDEA encryption

Question information

Subscribers

Ubuntu Privacy Remix

Error decrypting PGP files with IDEA encryption

Question information

Related bugs

Related FAQ:

Subscribers