Mailing List Archive: GnuPG: users

Lost passphrase



gnupg at nick

Sep 23, 2002, 3:13 PM

Post #1 of 8 (968 views)
Lost passphrase

I searched through the FAQ and newsgroups, but to no avail.

I have my secret key, but not the passphrase. Is my only option a
brute-force attack on the passphrase? Can GnuPG be modified to ignore the
passphrase?

I just want to generate a revocation certificate for an old key that I am
no longer using.

Please cc me any response, and thanks in advance.

Nick


chilts at birdbrained

Sep 23, 2002, 3:21 PM

Post #2 of 8 (941 views)
Re: Lost passphrase [In reply to]

> I have my secret key, but not the passphrase. Is my only option a
> brute-force attack on the passphrase? Can GnuPG be modified to ignore
> the passphrase?

Wouldn't be much point in the passphrase if there were a way. No,
unfortunately you're pretty much out of luck. When you make your new key,
make a revocation certificate at the same time and stash it somewhere
safe. This is a lesson I'm still learning, as you can tell by the various
public keys I have gently rotting on the keyservers.

Sorry I couldn't give you better news.

Chris Hilts
chilts [at] birdbrained


cova at ferrara

Sep 23, 2002, 3:33 PM

Post #3 of 8 (938 views)
Re: Lost passphrase [In reply to]

At 19:01, Sunday 22 September 2002, Nick wrote:
> I searched through the FAQ and newsgroups, but to no avail.
>
> I have my secret key, but not the passphrase. Is my only option a
> brute-force attack on the passphrase? Can GnuPG be modified to ignore the
> passphrase?
>
> I just want to generate a revocation certificate for an old key that I am
> no longer using.
>
> Please cc me any response, and thanks in advance.
>
> Nick

No way. Obviously, the passphrase is there precisely to prevent someone from
getting the secret key; otherwise it would have no meaning at all. If you have
chosen a good passphrase, you're out of luck. Time to create a new keypair, I
fear.




--
Fabio Coatti http://www.ferrara.linux.it/members/cova
Ferrara Linux Users Group http://ferrara.linux.it
GnuPG fp:9765 A5B6 6843 17BC A646 BE8C FA56 373A 5374 C703
Old SysOps never die... they simply forget their password.


rmalayter at bai

Sep 23, 2002, 10:50 PM

Post #4 of 8 (936 views)
RE: Lost passphrase [In reply to]

From: Nick [mailto:gnupg [at] nick]
> Is my only option a brute-force attack on the passphrase?
Yes. Although if you remember anything about the structure of the
passphrase, you can make a "smarter" brute-force engine. If you can
remember enough to get the number of "tries" down to something like
2^40, you can probably crack it yourself on a PC with a brute-force
script.

> Can GnuPG be modified to ignore the passphrase?
Sure, but this would produce nonsense results. You need the passphrase
to recover the original private key. The passphrase is used (after
hashing) as the key to a symmetric encryption (usually with CAST) of the
private key. This is why your private key file is safe even when it
falls into the wrong hands.

>I just want to generate a revocation certificate
>for an old key that I am no longer using.
Can't do that without the private key. You do have some form of
expiration date on that key, right? My suggestion is to generate a new
key, and explain in the description that the old key is dead.

Regards,

Ryan Malayter
Sr. Network & Database Administrator
Bank Administration Institute
Chicago, Illinois, USA
PGP Key: http://www.malayter.com/pgp-public.txt
:::::::::::::::::::::::::::::::
Men stumble over the truth from time to time, but most pick themselves
up and hurry off as if nothing happened.
-Sir Winston S. Churchill
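
An added worked example, not part of the thread and not GnuPG's code: a
constructed Python sketch of the protection Ryan describes above. It follows
the shape of RFC 4880 (iterated-and-salted S2K hashing of the passphrase, a
SHA-1 checksum stored alongside the key material so a wrong passphrase can be
detected) but swaps in an HMAC-SHA256 counter-mode keystream for CAST5-CFB so
it runs on the standard library alone; the key bytes, salt, passphrase and the
"pet name + two digits + punctuation" candidate structure are all invented for
the illustration. It shows both of his points: decrypting with the wrong
passphrase yields nonsense rather than the key, and remembering the shape of
the passphrase turns an impossible search into a few hundred tries.

```python
"""Constructed illustration of passphrase protection of a secret key.

Shape follows RFC 4880 (iterated+salted S2K, section 3.7.1.3, and the SHA-1
checksum of S2K usage 254). The cipher is an HMAC-SHA256 counter-mode
keystream standing in for CAST5-CFB, so this is NOT interoperable with real
OpenPGP key files; it only demonstrates the mechanism.
"""
import hashlib
import hmac
import itertools
import struct

# --- constructed sample data: none of this comes from a real key -------------
SECRET_MPI = bytes.fromhex("0123456789abcdef" * 4)  # stand-in for the private exponent
SALT = bytes.fromhex("0f1e2d3c4b5a6978")            # 8-byte S2K salt
COUNT = 65536                                       # bytes hashed (coded count 96 in RFC 4880)
PASSPHRASE = b"Lucy07!"                             # the passphrase the owner forgot


def s2k_iterated_salted(passphrase: bytes, salt: bytes, count: int, key_len: int = 16) -> bytes:
    """Feed (salt || passphrase), repeated, into SHA-1 until `count` bytes have been hashed.

    RFC 4880 always hashes at least one full copy of salt||passphrase even if
    that exceeds `count`; the digest is cut to the cipher key size (16 for CAST5).
    """
    block = salt + passphrase
    count = max(count, len(block))
    preload = (block * (count // len(block) + 1))[:count]
    return hashlib.sha1(preload).digest()[:key_len]


def keystream(key: bytes, nbytes: int) -> bytes:
    """Toy keystream: concatenated HMAC-SHA256(key, counter) blocks (stand-in for CAST5-CFB)."""
    out = bytearray()
    for ctr in itertools.count():
        if len(out) >= nbytes:
            break
        out += hmac.new(key, struct.pack(">Q", ctr), hashlib.sha256).digest()
    return bytes(out[:nbytes])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def protect(secret: bytes, passphrase: bytes, salt: bytes = SALT, count: int = COUNT) -> bytes:
    """Encrypt secret || SHA-1(secret) under the key derived from the passphrase."""
    key = s2k_iterated_salted(passphrase, salt, count)
    plaintext = secret + hashlib.sha1(secret).digest()
    return xor_bytes(plaintext, keystream(key, len(plaintext)))


def decrypt_raw(blob: bytes, passphrase: bytes, salt: bytes = SALT, count: int = COUNT):
    """Decrypt without enforcing the checksum: returns (candidate_secret, checksum_ok).

    This is all that "modifying GnuPG to ignore the passphrase" could give you:
    with a wrong passphrase the bytes come back, but they are nonsense.
    """
    key = s2k_iterated_salted(passphrase, salt, count)
    plaintext = xor_bytes(blob, keystream(key, len(blob)))
    body, check = plaintext[:-20], plaintext[-20:]
    return body, hmac.compare_digest(hashlib.sha1(body).digest(), check)


def unprotect(blob: bytes, passphrase: bytes, salt: bytes = SALT, count: int = COUNT):
    """Return the secret if the passphrase verifies, else None (GnuPG's 'bad passphrase')."""
    body, ok = decrypt_raw(blob, passphrase, salt, count)
    return body if ok else None


def structured_bruteforce(blob: bytes, names, digits=range(100), punct="!?.#"):
    """Try only candidates of the remembered shape <name><two digits><punctuation>.

    Returns (passphrase, tries) or (None, tries). Remembering the structure
    shrinks the search to len(names) * 100 * len(punct) candidates instead of
    every printable 7-character string.
    """
    tries = 0
    for name, n, p in itertools.product(names, digits, punct):
        tries += 1
        cand = f"{name}{n:02d}{p}".encode()
        if unprotect(blob, cand) is not None:
            return cand, tries
    return None, tries


def demo():
    """Protect the sample key, then recover the passphrase from its remembered shape."""
    blob = protect(SECRET_MPI, PASSPHRASE)
    found, tries = structured_bruteforce(blob, ["Rex", "Fido", "Lucy", "Max"])
    recovered = found is not None and unprotect(blob, found) == SECRET_MPI
    return found, tries, recovered


if __name__ == "__main__":
    print(demo())
```

Against a real key the loop body would drive gpg itself on a copy of the
secret keyring (for example feeding each candidate through `--batch
--passphrase-fd 0`) instead of this toy cipher, and each attempt would cost
a full S2K iteration count chosen to make exactly this loop slow; the
arithmetic on the size of the candidate space is the same.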


ml at mareichelt

May 22, 2006, 6:18 AM

Post #5 of 8 (932 views)
Re: Lost passphrase [In reply to]

* kennerly [at] comcast wrote:

> Does anyone know of a perl script or some other utility that could
> bruteforce the rest of it? I'd rather not have to revoke this key.

Have a look at http://www.vanheusden.com/nasty/

--
left blank, right bald


hhhobbit at securemecca

Apr 17, 2007, 9:14 PM

Post #6 of 8 (644 views)
Re: Lost passphrase [In reply to]

Thomas Sowa <groups [at] sowa> wrote:

<SNIP>

I have read what everybody has said on the subject and one
thing needs to be said again. THE DEFAULT EXPIRE FOR A NEW
KEY NEEDS TO BE FOR TWO YEARS FROM DATE OF KEY CREATION!
If they want to change it after they have used them for a
while and like what they have, then they can extend the
TTL for a greater period of time.

I was going to go into detail on why but rather than doing
that, Thomas, wouldn't you like your first key to eventually
die (even though it looks like it was created less than
four months ago)? Don't the rest of you want the same?

I DO!

Most of the people that are in this situation will have lost
their pass-phrase and will not have used their keys for 1-2
years. With luck it will be over two years, and the old keys
will have already gracefully expired and died. It seems like
geniuses (excuse me for not being in that category) would
see this.

For that matter, I think the pressure to shove their keys
on to key-servers immediately just needs to be dropped.
I finally caved in and put my keys on the key-servers even
though my keys are obviously tied to a nom-de-guerre and
therefore are NOT part of the WOT. BUT THEY HAVE A TTL OF
LESS THAN ONE YEAR NOW! When they die, they die, and I
will generate a new set of keys, just like Johannes
Ulrich (SANS) and others do. His time span is a year though.
My new keys will also have a TTL, and it won't be infinity!
Increasing computing power alone has made such things as
DES almost laughable now. Keys shouldn't be made with the
idea that they can last forever.

I don't blame Thomas. People make mistakes. A system that
doesn't take that into account needs to make some changes
to minimize the impact of a mistake.

HHH

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


rjh at sixdemonbag

Apr 17, 2007, 9:59 PM

Post #7 of 8 (646 views)
Re: Lost passphrase [In reply to]

> I have read what everybody has said on the subject and one
> thing needs to be said again. THE DEFAULT EXPIRE FOR A NEW
> KEY NEEDS TO BE FOR TWO YEARS FROM DATE OF KEY CREATION!

That's making some really big assumptions about the security policy
of the person making the key.

There are also a lot of perfectly good alternatives which should
perhaps be excluded first.

Also, a two-year expiration date will do very little to help people
who forget their passphrases within a few weeks of creating keys.
Once you remember the passphrase for a few weeks, it'll be in your
head forever.

> For that matter, I think the pressure to shove their keys
> on to key-servers immediately just needs to be dropped.

A key which cannot be found is a liability, not an asset. The
keyservers exist to be used.

> Increasing computing power alone have made such things as
> DES almost laughable now. Keys shouldn't be made with the
> idea that they can last forever.

There are two responses to this, both of which are factually accurate:

1. We are unlikely to ever be able to brute-force a 256-bit
keyspace. Ever. Not until computers are made of something other
than matter, occupy something other than space, run on something
other than energy, according to rules other than physics.

2. This is a reason to advocate forethought when generating keys,
not a reason to advocate just one method of solving the problem.





mwood at IUPUI

Apr 18, 2007, 6:39 AM

Post #8 of 8 (634 views)
Re: Lost passphrase [In reply to]

On Tue, Apr 17, 2007 at 11:59:01PM -0500, Robert J. Hansen wrote:
> > I have read what everybody has said on the subject and one
> > thing needs to be said again. THE DEFAULT EXPIRE FOR A NEW
> > KEY NEEDS TO BE FOR TWO YEARS FROM DATE OF KEY CREATION!
>
> That's making some really big assumptions about the security policy
> of the person making the key.
>
> There are also a lot of perfectly good alternatives which should
> perhaps be excluded first.

A good point. But it applies equally to any other lifetime, including
the current default. What this suggests to me is that the end user
drops out of the equation, because from the POV of the abstract
"typical user" no value that the developers choose is any more
supportable than any other.

This frees the developers to ask another question: "what value would
be good for the product's reputation?" A moderate one (1-2 years)
seems like a reasonable answer, since it provides some protection to
the user who has no policy or omits to apply it, but isn't
tremendously burdensome. Still, some thought and discussion would be
good. Is there any science to support certain ranges of values in
certain applications?

--
Mark H. Wood, Lead System Programmer mwood [at] IUPUI
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
