EldoS | Feel safer!

Software components for data protection, secure storage and transfer

OnEncryptedEvent returning parent key and all sub keys

Posted: 11/12/2015 18:05:36
by Travis Mathison (Priority Standard support level)
Joined: 10/07/2015
Posts: 9

When DecryptAndVerify is called the SecureBlackbox PGP library would fire off an OnEncryptedEvent and OnSignatureEvent which would tell you which KeyID’s were responsible. If you have a subkey that was given the decryption role then the event should report back just that subkey’s KeyID and not the parent key it’s a subkey of (nor other subkeys under the same parent key).

This worked correctly with our old key which used DH/DSS, 2048/1024, IDEA. We have generated a new keypair using RSA, 4096, IDEA and the behavior of these events have changed. When the events fire it returns 3 KeyID’s back; the parent key, and both subkey’s (one subkey is for decryption and one for signing).

In our new key we have a parent key with no roles and doesn’t expire and two subkeys that do expire with one that can sign and the other for decryption.

Why are all of these KeyID’s coming back when only one of them is configured for the given operation (decryption or the signing). This worked in the past and the only thing we have changed was the creation of this new key. The old behavior of getting only the one KeyID back from the event still works properly for files encrypted to our old key.

Is there a known behavior change for RSA keys as opposed to DH?
Posted: 11/13/2015 04:52:24
by Ken Ivanov (Team)

Hi Travis,

Thank you for contacting us.

As a matter of fact, OnEncrypted doesn't know anything about the keys hierarchy. It only recovers the list of KeyIDs from the encrypted message (which have been put there by the encryptor) and passes them back to the user. If you get three KeyIDs in OnEncrypted, this means that all three keys have been used to encrypt the message and any of them can be used to decrypt it.

If you control the encryption stage, you can select which keys to use by setting their Enabled property. I.e. you can set Enabled to false for the main key and keep it set to true for the encryption subkey.

The difference between RSA/RSA and DSS/Elgamal (wrongly called DH/DSS by some PGP software) keys is that any RSA key is capable of both signing and encryption - in contrast to DSS keys only being capable of signing and Elgamal keys only being capable of encryption. That is, while there is no technical way to use both parts of a DSS/Elgamal key for encryption (and thus only the Elgamal part is used for it), both RSA key and subkey can encrypt data. Therefore when encrypting or signing data with an RSA/RSA keypair you need to specify which exactly key or subkey to use.

Posted: 11/13/2015 14:08:12
by Travis Mathison (Priority Standard support level)
Joined: 10/07/2015
Posts: 9


That clears up a lot of confusion here. I think there were some assumptions we had made when we set the subkeys up that don't make sense when using RSA as opposed to DSS/Elgamal. Sounds like having a non-expiring parent key with just one expiring RSA subkey that has both capabilities will be the way to go.

We'll do some testing based on what you have stated above.

Thanks for the quick response!




Topic viewed 1360 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!