A security bug in PGP products?
Ondrej Mikle
ondrej.mikle at gmail.com
Tue Aug 22 07:53:41 EDT 2006
Max A. wrote:
> Hello!
>
> Could anybody familiar with PGP products look at the following page
> and explain in brief what it is about and what are consequences of the
> described bug?
>
> http://www.safehack.com/Advisory/pgp/PGPcrack.html
>
It seemed a bit obscure to me at first, but it says basically:
PGPdisk does not use key derived from passphrase, just does simply this:
if (somehash(entered_password) == stored_password_hashed) then
access_granted();
That's the REPE CMPS chain instruction (string comparison). The check
can be simply skipped using debugger by interrupting the program,
changing CS:EIP (i.e. the place of execution) to resume after
"successful" check. The text probably implies that the key is stored
somewhere in the PGPdisk file and key's successful extraction does not
depend on knowledge of the passphrase.
So if you change passphrase, the disk won't get re-encrypted, just by
copy&pasting the old bytes you will revert to the old passphrase or you
can create another disk with passphrase chosen by you and use
copy&pasting method to decrypt other PGPdisk protected with passphrase.
I haven't checked myself if their claim is true, but it's possible.
Hope that helped
O. Mikle
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list