EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PGP: DSA requires the use of a 160 bit hash algorithm

Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.
#13848
Posted: 07/07/2010 09:00:24
by Michael Wise (Standard support level)
Joined: 07/07/2010
Posts: 5

I've searched in the forums for help on this, but was unable to find anything. We are exchanging data with someone using Gnupg software, but they are having problems importing my public key. They provided the following log content:

>gpg --import ASCEND-APM-PGP-PUBLIC-KEY.asc
gpg: DSA requires the use of a 160 bit hash algorithm
gpg: DSA requires the use of a 160 bit hash algorithm
gpg: DSA requires the use of a 160 bit hash algorithm
gpg: DSA requires the use of a 160 bit hash algorithm
gpg: key 067B0376: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg: w/o user IDs: 1


How do I specify 160 bit hash when establishing my public key? Do you have an idea what "no valid user IDs" mean?

Thanks for any assistance you can provide.
--Mike Wise
#13852
Posted: 07/07/2010 10:40:07
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Hi. Where you get that public key? If generated with SBB, you can use QBits property (set it to 160) before generation. Also, SBB by default generates DSA keys with 160 bits hash, if key size is 1024 or less.
#13853
Posted: 07/07/2010 10:42:23
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

And, about 'No valid User IDs' - it's because GPG doesn't recognize signature over user id (because it is DSA, and hash size is not 160 bit).

And, which version of GPG you are using? Current version of GPG supports longer hashes with DSA.
#13858
Posted: 07/07/2010 12:39:46
by Michael Wise (Standard support level)
Joined: 07/07/2010
Posts: 5

Mykola,

I am using 2048 for the key size, and have now set the QBits property to 160 (prior to generation) and have supplied my partner with the new key for testing. I've requested the gpg version they are using; based on their documentation it appears to be gpg (GnuPG) 1.4.1.

I will let you know when I hear back from them. I appreciate the prompt feedback and helpful suggestions.

--Mike
#13860
Posted: 07/07/2010 13:23:51
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

GPG 1.4.1 is quite old - current version is 2.0.15, and at 2005-07-27 was released GPG 1.4.2.
#13880
Posted: 07/09/2010 13:10:51
by Michael Wise (Standard support level)
Joined: 07/07/2010
Posts: 5

I received confirmation that your suggestion to set the QBits property to 160 resolved the problem. Thanks again for the great support!
#13966
Posted: 07/20/2010 16:28:33
by Michael Wise (Standard support level)
Joined: 07/07/2010
Posts: 5

Update: they've sent me an encrypted file using the 160 bit based public key which I can't decrypt; I get the following error:

No appropriate OpenPGP secret key for decryption found.

I tried using the Demo program to decrypt it, and it doesn't prompt for the KeyPassPhrase.

Is there anything I need to set specific to this 160 bit setting prior to calling decrypt?

thanks,
--Mike
#13971
Posted: 07/21/2010 02:56:04
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

1. Do you really have a correspondong secret key?
2. Please check, which algorithm used for encryption (gpg --list-packets your-encrypted-file.gpg). If it is IDEA (number 1), please check if you have connected IDEA plugin.
Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.

Reply

Statistics

Topic viewed 4036 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!