9 April 2014. From: Werner Koch <wk@gnupg.org> To: John Young <jya@pipeline.com>, jacob@appelbaum.net Subject: FYI: quickly looking at keyids Date: Wed, 09 Apr 2014 09:46:12 +0200 Hi folks, instead of looking at pgpdump output (which is useful for a detailed analyis), you may simply do that: $ xclip -o - | gpg -v --keyid-format=long --list-only gpg: armor header: Version: iPGMail (2.0.7) gpg: public key is A0BAEFAF17D4D0B2 gpg: public key is 31DB00B98A0C5522 gpg: public key is AA4E6903B940F753 gpg: encrypted with RSA key, ID AA4E6903B940F753 gpg: encrypted with RSA key, ID 31DB00B98A0C5522 gpg: encrypted with RSA key, ID A0BAEFAF17D4D0B2 $ xclip -o - | gpg -v --keyid-format=long --list-only gpg: armor header: Version: GnuPG v1.4.14 (GNU/Linux) gpg: armor header: Comment: Using GnuPG with Thunderbird [...] gpg: public key is AA4E6903B940F753 gpg: public key is 31DB00B98A0C5522 gpg: encrypted with RSA key, ID 31DB00B98A0C5522 gpg: encrypted with RSA key, ID AA4E6903B940F753 xclip is used by me to paste from a different X session, --keyid-format=long prints all 64 bits of the keyid, and --list-only skips the actual decrytion (in case you have the private key) 9 April 2014. Cryptome views the Jacob Appelbaum's information in a message below an allegation similar to the original message. The message he provided could be tampered with as alleged of the original. PGP vulnerabilities are well known among comsec experts but not the public. Comsec experts often conceal vulnerabilities out of self-interest; instead provide misleading information -- a practice widespread in most security industries. Twitter excerpts: https://twitter.com/search?q=cryptomeorg&src=typd&f=realtime 8 April 2014. Jacob Appelbaum @ioerror: @Cryptomeorg I emailed a correction to your latest PGP email leak about @ggreenwald and @JesselynRadack. I hope you'll update it. 8 April 2014. Jacob Appelbaum @ioerror: @kristamonster @Cryptomeorg @ggreenwald @JesselynRadack I have the full PGP payload and I sent it to @Cryptomeorg to publish it. 8 April 2014. Jacob Appelbaum @ioerror: @joshuafoust She wasn't hacked, she encrypted the message to a third key. I emailed @Cryptomeorg to update his disinfo post. 8 April 2014. Cryptome @Cryptomeorg: @ioerror @ggreenwald @JesselynRadack Updated. 8 April 2014. Jacob Appelbaum @ioerror: @Cryptomeorg @ggreenwald @JesselynRadack Thanks. Watch out of truncated PGP messages. It was a tell that you were being played. 8 April 2014. Cryptome @Cryptomeorg: @ioerror @ggreenwald @JesselynRadack We published your allegation as requested as with the other allegation. Fine tell tales, both. 9 April 2014. Jacob Appelbaum @ioerror 4h: @Cryptomeorg @ggreenwald @JesselynRadack The PGP message that I gave you is the original. The one you published is the same one, truncated. 9 April 2014. Jacob Appelbaum @ioerror: @Cryptomeorg @ggreenwald @JesselynRadack The one you published is also tampered with to change the PGP header text. 9 April 2014. Jacob Appelbaum @ioerror: @Green_Footballs Specifically because I assert that it isn't evidence that PGP is "broken" as @Cryptomeorg was stating. Big difference! [Note: Cryptome did not claim PGP was broken, see below.] 8 April 2014. Key tampering and forgery excerpts added by Cryptome. http://www.gnupg.org/gph/en/manual/c235.html [Excerpt] The GNU Privacy Handbook

Chapter 3. Key Management Key tampering is a major security weakness with public-key cryptography. An eavesdropper may tamper with a user's keyrings or forge a user's public key and post it for others to download and use. For example, suppose Chloe wants to monitor the messages that Alice sends to Blake. She could mount what is called a man in the middle attack. In this attack, Chloe creates a new public/private keypair. She replaces Alice's copy of Blake's public key with the new public key. She then intercepts the messages that Alice sends to Blake. For each intercept, she decrypts it using the new private key, reencrypts it using Blake's true public key, and forwards the reencrypted message to Blake. All messages sent from Alice to Blake can now be read by Chloe. Good key management is crucial in order to ensure not just the integrity of your keyrings but the integrity of other users' keyrings as well. The core of key management in GnuPG is the notion of signing keys. Key signing has two main purposes: it permits you to detect tampering on your keyring, and it allows you to certify that a key truly belongs to the person named by a user ID on the key. Key signatures are also used in a scheme known as the web of trust to extend certification to keys not directly signed by you but signed by others you trust. Responsible users who practice good key management can defeat key tampering as a practical attack on secure communication with GnuPG. http://www.pgp.net/pgpnet/pgp-faq/pgp-faq.html [Dated 1996-2002.] [Excerpt] http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-keys.html Q: Can a public key be forged? A: In short: not completely, but parts may be. There are four components in a public key, each of which has its own weaknesses. The four components are user IDs, key IDs, signatures and the key fingerprint. It is quite easy to create a fake user ID. If a user ID on a key is changed, and the key is then added to another keyring, the changed user ID will be seen as a new user ID and so it gets added to the ones already present. This implies that an unsigned user ID should never be trusted. Question Should I sign my own key? discusses this in more detail. It is possible to create a key with a chosen key ID, as Paul Leyland explains: A PGP key ID is just the bottom 64 bits of the public modulus (but only the bottom 32 bits are displayed with pgp -kv). It is easy to select two primes which when multiplied together have a specific set of low-order bits. This makes it possible to create a fake key with the same key ID as an existing one. The fingerprint will still be different, though. By the way, this attack is sometimes referred to as a DEADBEEF attack. This term originates from an example key with key ID 0xDEADBEEF which was created to demonstrate that this was possible. There are currently no methods to create a fake signature for a user ID on someone's key. To create a signature for a user ID, you need the signatory's secret key. A signature actually signs a hash of the user ID it applies to, so you can't copy a signature from one user ID to another or modify a signed user ID without invalidating the signature. Yes, it is possible to create a public key with the same fingerprint as an existing one, thanks to a design misfeature in PGP 2.x when signing RSA keys. The fake key will not be of the same length, so it should be easy to detect. Usually such keys have odd key lengths. Paul Leyland provided the following technical explanation: Inside a PGP key, the public modulus and encryption exponent are each represented as the size of the quantity in bits, followed by the bits of the quantity itself. The key fingerprint, displayed by pgp -kvc, is the MD5 hash of the bits, but NOT of the lengths. By transferring low-order bits from the modulus to the high-order portion of the exponent and altering the two lengths accordingly, it is possible to create a new key with exactly the same fingerprint. Q: How do I detect a forged key? A: As explained in question Can a public key be forged?, each component of the public key can be faked. It is, however, not possible to create a fake key for which all the components match. For this reason, you should always verify that key ID, fingerprint, and key size correspond when you are about to use someone's key. And when you sign a user ID, make sure it is signed by the key's owner! Similarly, if you want to provide information about your key, include key ID, fingerprint and key size. Date: Tue, 8 Apr 2014 13:38:22 +0000 Subject: disinformation about PGP From: Jacob Appelbaum <jacob@appelbaum.net> To: John Young <jya@pipeline.com> Hi John, I saw your latest leak about Glenn and Jesselyn using PGP to exchange emails. I did some digging and I think you've come to the wrong conclusion about everything. Actually, I think you are actively being played by someone to mess with everyone involved. The speculation about PGP being broken is probably incorrect. It appears that Jesselyn sent that email to three different email addresses and the PGP encrypted message on Cryptome is truncated or tampered with in some fashion to remove evidence of the third key that was used. Only two of the three email addresses belonged to Glenn. It was also encrypted to three keys, Glenn, Jesselyn and to a third key that is run by an unknown hostile party. The third likely belongs to your leaker/source. The attacker published a PGP key for that address to confuse people who are trying to communication with Glenn securely. This clearly confused Jesselyn or her PGP mail client. I do not believe that this is evidence of her or Glenn being compromised (other than the social engineering issue at hand) nor is this evidence of PGP being broken. Rather, it is a user interface security problem with iPGMail that is quite common with PGP/GnuPG in general. Here is the original PGP message that was sent: -----BEGIN PGP MESSAGE----- Version: iPGMail (2.0.7) hQEMA6C6768X1NCyAQf/Q1Ib2FDNkTffaxr3iITKJRTf+/oy1h63RIcjW4LY/R2MjPxlXgb5FSMO sUT60GAANFLB778koTx3EyO3uUy2zSuidXdP0SSO8E7LHlqNbR1PXnxRw/Krap6ItKqpBwP1/1mM Xj9P4AxaeqEUlbWp43JgwKy9Q7GfdP29VRsKWqwjAKUM18c+bnDut2M7A7S6GQq1/5/93m27ja/X tHsfxZ6c9pPnYpJHT8LRD/0QjwtbtLUXqcbI5HjDOZvW122vw0/zgId3grTps9TRXXwYp+Xo/drs qq4gMV7zZzBfsPLoLnuC4Xor2E+TjfcUhtq6xwd/94hLtY0lNCMxboDqGYUCDAMx2wC5igxVIgEP /iQTwdBiuSMvQxc8M2rIIWIYchWfZzrdf1qylqY4qdTQtxQULYFgdvuw0pg6FvFeNvyzZfI5uJpZ n1+fl+8Q/qefwJ9p20s7scW1Kh49tomdoJr95c+zdy91/L3xZy5mnb+iw+GzReZEA+5S9KlDnhYZ BrPkNAYVgNuztvI1e6ddx6bmvXMqs83AaHk+vvl0s31My2wmYtfZ5JK2iOyKJCxEfjlCiWMd9qk2 tjNmfF95jvHVvY/baN9ASVWKm7/TqelDHG3j3wUkqSq/l2vy+YckfrHsFlcQDVdWH1JCwAVI6R2u 5wDe/Mz12pIXzREVXuhemU9rq3KBZouCATl1iJYTMVeoxhiqGIHDcwi/4ZgzVsgNiEHoFnUWSaNn z5WnTw5FvYujXqPsQneH9gww599FpFqkJK0jJKk/tcrKx8o07rceu0UF/MHp1/EchMcUUHRRQ6zR nesh6emognYfGoyAYf6mjjbIIjACDM3qfufw/xRABYc3B4kTTeHoCd3q3Z8VLauo1k79sxGXzXtM JnhG5b0nS1MQZ5qxzN6AzVOmBCYzo9Kvwm+oyBnta5QIQnPDSDoHR0Ih0uKXMXlpoq/I6r5grT6V T5nyF9GYyY3WNdAi7/lhl/RbMN4jdS2BHs4zyZkqeqD8HrC9qMjX7lNv/kV9q/vhA81h5eQgIynX hQEMA6pOaQO5QPdTAQf/WKCaE0ZCdDpQmNPCOyoAlFCAH94tD6aGtK1vkW5ABtHqtVL5Zujuko6n hjaYgKbbZa+ZJwFOQaBDqUiRXPbBZh2e5Or3l34nwmhiuN/mUl7kYlVcIt/4hWj3HUHUxgOm++E9 JTZ334I8U82FB8DIJ/DEftDfIylILSIczr/PsP6zu1HD1b5VdhJv3vnK/c6DzGOdZZiMEcbmw1BZ JEne+IKagCCXBis8qbKxh7yR7cqkUXAr7Le5Lhqzpom9i3/96Dpjieat+jiCjTLF2f4jx7k4KRYZ i/zTq6YXw6tPeq7AJneG01dMQZH+uem5n16PgS08H+9oOfmK3cLWoIVyUtLB5gHUIl5EhCiWIj28 YhT/mpA3TRcVfdPS6k3wXVIozED/Yhq10LXDJbyrctclXL637nuk+jpi0j9AO8Wn/OaVIIkOpaVV 6nM98SrHrTnJjZTQNTR2RK7zpTNa8giBoTNPncDKgFOL4n96A9qntX5e18so5E4/CIETYw6vNs2a 5M8WgJEVjdMeDBEcgyX8gv7rXIvwaUaMymw26EqId6YDEm14zV1Ds7PaYoq09TxJeaEVfat4YuRh FoMabAXO0MIE6f73wS2JliMjx7c2ZYN1wc+mbuTbKVziM6LmpoNnb9O8+XmnH6hJ31rtAykV6ot/ VG+j8nqDf3vMnAM/uWxLtzmTazxNhAQyO2nWxw2TzlHTNKN5cirm4ckrZNCxF8VRbjzPaBxaXgsp hdTybmxi/BBavPNfnhi5tM83B+vvtI0DvJNgWFCD4TVg+ZsA64RFKAgzSvTNjzRz2hpALHmd4ZvF 605Y0TOV5+cinlXujw7BLjTBQqo2nM2TkNeU7SvHP1FYzCMas+r870pDLsn4RMRKxFKzPlNgyxD3 Tc4+4T7qRGzh/HsIhz4TgJPKhOG8cE15Ts8y7GB+nkyzDZHMRpCk2ZXL3/P2NqBqBmsJEucxtPsm Wk33d/P/F+y/5hTAiJhzdxEIaneOC8fSkUOVvccucpmPcIqEn5MSzBcdbNrrYXo668w5Y3jM3Q1r B+z34u7uOf/dlAZgXn5Rb6S3JmkjD18TqKL5Wz2QiHYNm+biHwNxitLa+RhkKicYwuF217zNe2ok 2fhQsLc6LHV8eJUOBnxFNty32lU7eJiZFkSwmCm/F9EXbSVHQSWWEvZ6gq7mGiicPpyQutXjWoFA rKcc8Dn1alW2NlsyZE9JeV93cdYXVY0zEuzFOnmHvLY6Y1t93/X5LQ== =iT18 -----END PGP MESSAGE----- Note that this decodes differently than the message you posted: Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes) New version(3) Key ID - 0xA0BAEFAF17D4D0B2 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(2047 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02 Old: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes) New version(3) Key ID - 0x31DB00B98A0C5522 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(4094 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02 Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes) New version(3) Key ID - 0xAA4E6903B940F753 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(2047 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02 New: Symmetrically Encrypted and MDC Packet(tag 18)(678 bytes) Ver 1 Encrypted data [sym alg is specified in pub-key encrypted session key] (plain text + MDC SHA1(20 bytes)) Note the three keys used in that PGP encrypted message - your original message only has two keys. 0x31DB00B98A0C5522 is Glenn's correct key: pub 4096R/F48D6144 2014-01-19 [expires: 2015-01-19] Key fingerprint = F5E0 E7D1 0263 FD06 114E 2C6D EB84 CB43 F48D 6144 uid Glenn Greenwald <glenngreenwald@firstlook.org> uid Glenn Greenwald <glenn.greenwald@riseup.net> sub 4096R/8A0C5522 2014-01-19 [expires: 2015-01-19] 0xAA4E6903B940F753 is Jesselyn's correct key: pub 2048R/40359D2C 2013-07-16 [expires: 2017-07-16] Key fingerprint = C51E 5055 7C4E 1B22 60D6 9A15 84A3 2391 4035 9D2C uid Jesselyn Radack <jradack@whistleblower.org> sub 2048R/B940F753 2013-07-16 [expires: 2017-07-16] However if we look at 0xA0BAEFAF17D4D0B2 we see a third key that is left out of your original message: pub 2048R/CC604FF1 2013-07-23 Key fingerprint = F3AB 523F 6B5E 75A0 B4F1 B987 5A2A D5A1 CC60 4FF1 uid Glenn Greenwald <glenn@silent1.net> sub 2048R/17D4D0B2 2013-07-23 In summary: the above key is not Glenn's correct key and the above email address is likely controlled by an attacker. The attacker didn't need to intercept email, they received the email directly from Jesselyn. The attacker didn't need to break PGP, it was encrypted to a key that they control because Jesselyn encrypted it to her key, Glenn's correct key and the attacker's key. Happy hacking, Jacob 7 April 2014. Cryptome: Extracting keys from a message is easy with online key dumps such as http://www.pgpdump.net/cgi-bin/pgpdump . That does not mean keys extracted are bonafide or that a bonafide message has been decrypted. Spoof messages can be encrypted by falsely real keys giving the appearance of being authentic. Authentic keys can be obtained from key servers for confecting false messages. Distributing spoof keys and messages are a common technique for clouding and doubting comsec. That is a reason to publish this example for critique. Cryptome is not aware of any reports of PGP being broken although allegations about it are commonplace. If there such bonafide reports please send: cryptome[at]earthlink.net. 7 April 2014 Jesselyn Radack Emails Glenn Greenwald A sends: Alleged Jesselyn Radack Email (BG may be Barton Gellman): Hi Glenn, Congrats on the McGill award!! I look forward to seeing you at Polks. On that note, is my client making a surprise appearance? BG said you mentioned this to him at the Polk media event. I won't tell anyone, including BG, if it's a surprise, but as his attorney, I'd like to know...and also what medium would be used (Google or the BEAMbot). Thanks, Jess Alleged email message: -----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ hQEMA6pOaQO5QPdTAQf+J238hhBe17R1zGNCk3OB+LFfRoPwyYMG612FjqJd2FD/ sg2048+UmvpoZxZyUAfCrcmySK7oj9SR26MJzT+WoQI+KTE86cOInpc7w/aInBb5 dzfLGWM2w3U00nr1r8qS/IvVb5J9oAdPw1svnygvB1u8/ECjygS6gUWnX72LzOBt J8W6YfhDjm1ct7B+JWMcmMa0c4WASbuGAz/MgZ1k/tddFrka10/I3YhLgnDwtMGP gCtcudx2SC06k88VnGrUH8f3iNcDJggSSA4sHtIDX+Naok17yCAGrNTbJmJA1ejW xeRzWq8qizS96KcQX0O2NYMMD5PlOx7lv0LTIGP2yYUCDAMx2wC5igxVIgEQAJtX K0h5EeJ3++hcwDzcw+YneUKgKhkiSIhVn5+OgvkSCxGqehBPLyiD5dYEHDAhieYx hZTsJO7JRoKq3lirE0z/0t4TpHv3W4YA2aLiztj3nQQeVUKlnhdtfejLLBiq2g/0 LcCWzawpSo/NCzRrI4bWX2iy26MqwZCqTiiaiDU8yjh5m/b6cCzqq35P40i4zIVh dXwNc34vQl367OFFxs+qeVO1/+Di6WILqXKLodOOYAXRGHPne6KLsIBOl4aFEdal 9f7/ijGIOukRsYCFTy08uZWEq4ttV5oP1dTlWrvieFbNZviaJ+YVQeD5UPYgJckU rGdUuuTTWHWZ+V1+y7YUYCZjVnAY+CZQhYSyLFCgFzLiIsbLtqxf1rPLigYVlTD0 E7ZEWYuvNJApLzMoV3Nto50iqxWJWXbDWkGbTQjeF4Z3YJpDEAsLRjylHLjZV9dw dl8hye+ZW2IbrZlwvuu4E2dnqY2W1KsmfRR6AVSfnmDYb5u0+XUlIdh2sa5Q+Ann DJVIvti66uUXV2NHw7B5Y72vNcYDBVE1UBlsbY+VPYs5ONtrg7Ya3JMk0UjR/ztt Ss3vrmJ1VohJMAUfndKE3XHfAhJ2E0VYODaK8tPkX1d1FJAAH+VGuPd29+RQDGEH cODOfhOf9j1wEFn4uu875seRpbyYbfensq1084t90uoByMWg/HC/oL5DT7m39mFl pfDh+D1/p0rWYI9YUaYtVkwgy349BHg2DPCIDCAccmLgn4el5K3b/diKvYpkKnbk IWlGWenPr4cQynvIJJGK+Ljthq1AzIXhURxgnkNrzmMhuhJSMyj+29rVDPZLOrEH gyXtZ5lfGN0GUOST2J+J3lqMbW3QUPgOTwMiFderymAGThD0iZn5xcsFWjNpd6Ia Vxs2NYY0UF2bYzKsFtA/wGqgez/ES0rsw9fONjaTxRs1GRd/AV+evLLDSr0QQsox B2NnZW5ZLK0/YcE5ClOd4It1UgSqQe4kE1K3s7+zmfmohL/YkfiVkJ6ZDa+3J/gn UJ5kKjVjv5GWcWa5HOOhaTMgMxmyZzDTWIpowr0B9o5fVkCsjZkqwnzF2Bb/Kvzo vMZIRF4DAbCHxIN9zuScGkIVRst/vCFWS49+Ve5k278I6l+yimrnPq/9NYh3tyXZ 2gzjyWJi91Rz/+zn/pLi/cmvAc+QhW94NuZVzE/iIXyhee6+OB5o0cOJGZDAVOeC xxP+ekidL8e3T186GuBYXTOgRLo7vksbaZyJud2xybrnTyuRv5MxhEyaRpfC4b7O 2SwdHaYSQfNHHDh0kF8ytLhW++f9s63JtJixTffInuAk1Efk6fo4qyNbFRW8EfNM v6KHyQHwlMZF1fpYWV5kQx4eH5RA74aQhcjg5EAuxCOs6M3U2DkXfrRomdhd4YZC iybUo4XZvOHQm40kmoIQXSShV7xCq9hZ9jHnx/pPMMXZpvlkCCRjvcshrLNTDQYm H3gT4onUy8RaHlmSGbsbAlvcY+1HQmjd9Oow+/L0UV2dxEgEUxd0+tecUW7VoDrl Ev/ALwCrH2yxkiqUtFebQGccKvJyBs7X/8bfjP23O+VDcWwe3gqKxfk2hHI3+zgS rQHZWe7xQD2QIpIUGUU9JiHQprcRbIj/6o3p9aICNW+A7KILMzyRkSyI4FBr/6OL cFt8UK54wYkOGax4CTen5Y50wBJj+Ijf/BkmP9qgX52svJHnqUIOQgw8BFJy44lP jP+DruyItGeZigI8L12Wbh4VE5yJdQxkoc8DyFT7liD/pXju47nXt2t06EGmf8qb oFRYyciBitPmk66dqgsabts0E6LliEiIw+bQYioW2GpqGKx32QjEIOTzROJ4V4FA kof9tcvidgyJPTOy8Bhmuhw+KdB30nO8BAKSsxIS1vniLFJYde5Kzwuha8ku5izN /OxokekiSFhnw4WBcXlLieMlk7NtDMKEYZ4MV/MIXydEGKFgyXBrgxlWFR4R/TY6 SvLvJyRNowMtEWv3nj1kd12V0x0LF+1WO5tQIIt3cyGtYfRTtxBd29jsqwlgtnXR 6UkKsUyimY9RwP9YdUwoReNXSfQVX/Ni0YOGokfayT10qvif7pe9chGLTOcqrhhq FI9BIvx9CH46J5HkZPL+Jxs82c3DNLXtvcFrs1+4qBI7CotbEL91Rd3cUW9opAch 174jfIzwm/ETV1ON+apIUu1khpOQorCCpf+MKiYdf3amSHsr0UnYUMeiKZqBml37 QLmLDSxZIcJQ6aNGh5UCN/N3/XInCdJuVfQ8+C7PbW2mff7YKGcTt15vIyAB+5em reTNfDBmoqzXaHr/hrjJupuorgI02yR4KeeXRBdvOmM/A+m144NF6ecc9PfVOArh tLc/4I2medAIYD/UvH6Td72EEQu9JAYyG6QBBwkOWI5onBaD4OBeK8vqF2kSkKY1 NkPxsE2iDNpi6p5ajRyOHTFpCtBK83rG2wSjMBAdyqaiQH08OFxmuK3Z7BwEbOVc ubxngy0SnXD9VRb7OHXg4mBT/0vl+DNmRpY6MoG6lM6c/jm3rma+WudWHDD1fjaw BSyHOMALBxBZYTNbULmxVjz5f1mlxsXLhbqRFGM+EU+X28NzHVASIy/6kFOqIR2A HXNhEMLTZS2gxSjjTHoeeDjixtZdoTqulG/y+e88OXrBOBnb20tYS2VSwrKof16A a1opwKRw/qRQl4NZfS0cLTLM/2HODNUR6EcS7LrhaP2LS8VTiiYSaX86Ml598EX5 BCNfW3svQq4gDLt96pfR6JcyY8R0bFAhGncvJJ/bi/Fz7IVBitLPMJPbFT9bgrCx T/xRe4Q/GU0Ei+gqhQ== =uwBf -----END PGP MESSAGE----- PGPdump Results [of message above] http://www.pgpdump.net/cgi-bin/pgpdump Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes) New version(3) Key ID - 0xAA4E6903B940F753 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(2046 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02 Old: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes) New version(3) Key ID - 0x31DB00B98A0C5522 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(4096 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02 New: Symmetrically Encrypted and MDC Packet(tag 18)(1024 bytes) partial start Ver 1 Encrypted data [sym alg is specified in pub-key encrypted session key] (plain text + MDC SHA1(20 bytes)) New: (512 bytes) partial continue New: (75 bytes) partial end Key Look-up http://sks.pkqs.net/ http://sks.pkqs.net/pks/lookup?search=0xaa4e6903b940f753&fingerprint=on&op=index&exact=off Search results for '0xaa4e6903b940f753' Type bits/keyID Date User ID pub 2048R/40359D2C 2013-07-16 Jesselyn Radack <jradack@whistleblower.org> Fingerprint=C51E 5055 7C4E 1B22 60D6 9A15 84A3 2391 4035 9D2C Key Look-up http://sks.pkqs.net/ http://sks.pkqs.net/pks/lookup?search=0x31DB00B98A0C5522&fingerprint=on&op=index&exact=off Search results for '0x31db00b98a0c5522' Type bits/keyID Date User ID pub 4096R/F48D6144 2014-01-19 Glenn Greenwald <glenngreenwald@firstlook.org> Glenn Greenwald <glenn.greenwald@riseup.net> Glenn Greenwald <Glenn.Greenwald@firstlook.org> Glenn Greenwald <Glenn.Greenwald@theintercept.com> Fingerprint=F5E0 E7D1 0263 FD06 114E 2C6D EB84 CB43 F48D 6144