Dangerous RSA (sub)key usage settings
I just generated a new RSA/RSA keypair using GPG Keychain Access 1.1.1. Everything looked good, I uploaded it to a keyserver, and only then did I notice something really worrisome: the main (signing) key was set to have allowed usage "esca" and the subkey (for encryption) had usage "esa".
My understanding is that it is Very Bad to ever use the same key for signing and encryption, so it is awfully worrisome to see that my new key's settings explicitly allow it (for both subkeys). As I understand it, the usual setting is "sc" for the main key (allowing signing and certification) and just "e" for the encryption subkey.
I think it is rather a big deal. I'll be revoking my brand new key just to be safe, and creating a new one from the command line. I hope not too many people have been affected by this problem!
Comments are currently closed for this discussion. You can start a new one.
|?||Show this help|
|ESC||Blurs the current field|
|r||Focus the comment reply box|
|^ + ↩||Submit the comment|
You can use
Command ⌘ instead of
Control ^ on Mac
Support Staff 1 Posted by Luke Le on 14 Sep, 2013 09:58 PM
thanks for bringing this to our attention.
According to the gnupg docs, if the key usage is not specifically set during creating, all possibles usages will be added. This is definitely not a good idea, and we'll fix it as soon as possible.
While this shouldn't pose a great security risk, it's definitely not what GPG Keychain Access should do.
In the meantime, if you create the key via the gnupg command line, the primary key will only be used for certification and signing, and the subkey for encryption, as you correctly pointed out.
You can track progress under the following ticket:
2 Posted by Steuard on 15 Sep, 2013 01:32 AM
Just a followup: when I used gpg2 --gen-key from the command line and chose "RSA and RSA", there's a strange ambiguity in the listed usage capabilities depending on where I look. Running gpg2 --edit-key xxxxxxxx gives the following information:
pub 4096R/7CFF4988 created: 2013-09-15 expires: 2017-09-14 usage: SC
trust: ultimate validity: ultimate
sub 4096R/2109B8F2 created: 2013-09-15 expires: 2017-09-14 usage: E
[ultimate] (1). Test User <[email blocked]>
But in GPG Keychain Access 1.1.1, the main key instead lists capabilities "Esc". (The subkey still just says "e".) So there's a second issue here where the graphical interface isn't necessarily reporting the right info.
Support Staff 3 Posted by Luke Le on 15 Sep, 2013 01:40 AM
Uppercase letters mean, that there's at least one key that can encrypt.
All key usages, the ones of the primary key, or any subkeys are considered.
So to say, data can be encrypted to this key.
It's obviously not really a good way to present this information.
GPG Keychain Access' UI is pretty horrible, but we hope to change that soon.
Support Staff 4 Posted by Steve on 25 Sep, 2013 12:13 PM
This issue is fixed in the source and will be included in the next stable release of the GPG Suite.
Steve closed this discussion on 25 Sep, 2013 12:13 PM.