9 April 2014.
From: Werner Koch To: John Young , jacob@appelbaum.netSubject: FYI: quickly looking at keyidsDate: Wed, 09 Apr 2014 09:46:12 +0200Hi folks,instead of looking at pgpdump output (which is useful for a detailedanalyis), you may simply do that: $ xclip -o - | gpg -v --keyid-format=long --list-only gpg: armor header: Version: iPGMail (2.0.7) gpg: public key is A0BAEFAF17D4D0B2 gpg: public key is 31DB00B98A0C5522 gpg: public key is AA4E6903B940F753 gpg: encrypted with RSA key, ID AA4E6903B940F753 gpg: encrypted with RSA key, ID 31DB00B98A0C5522 gpg: encrypted with RSA key, ID A0BAEFAF17D4D0B2 $ xclip -o - | gpg -v --keyid-format=long --list-only gpg: armor header: Version: GnuPG v1.4.14 (GNU/Linux) gpg: armor header: Comment: Using GnuPG with Thunderbird [...] gpg: public key is AA4E6903B940F753 gpg: public key is 31DB00B98A0C5522 gpg: encrypted with RSA key, ID 31DB00B98A0C5522 gpg: encrypted with RSA key, ID AA4E6903B940F753xclip is used by me to paste from a different X session,--keyid-format=long prints all 64 bits of the keyid, and --list-onlyskips the actual decrytion (in case you have the private key)9 April 2014.
Cryptome views the Jacob Appelbaum's information in a message below an allegation similar to the original message. The message he provided could be tampered with as alleged of the original. PGP vulnerabilities are well known among comsec experts but not the public. Comsec experts often conceal vulnerabilities out of self-interest; instead provide misleading information -- a practice widespread in most security industries.
Twitter excerpts: https://twitter.com/search?q=cryptomeorg&src=typd&f=realtime
8 April 2014. Jacob Appelbaum @ioerror: @Cryptomeorg I emailed a correction to your latest PGP email leak about @ggreenwald and @JesselynRadack. I hope you'll update it.
8 April 2014. Jacob Appelbaum @ioerror: @kristamonster @Cryptomeorg @ggreenwald @JesselynRadack I have the full PGP payload and I sent it to @Cryptomeorg to publish it.
8 April 2014. Jacob Appelbaum @ioerror: @joshuafoust She wasn't hacked, she encrypted the message to a third key. I emailed @Cryptomeorg to update his disinfo post.
8 April 2014. Cryptome @Cryptomeorg: @ioerror @ggreenwald @JesselynRadack Updated.
8 April 2014. Jacob Appelbaum @ioerror: @Cryptomeorg @ggreenwald @JesselynRadack Thanks. Watch out of truncated PGP messages. It was a tell that you were being played.
8 April 2014. Cryptome @Cryptomeorg: @ioerror @ggreenwald @JesselynRadack We published your allegation as requested as with the other allegation. Fine tell tales, both.
9 April 2014. Jacob Appelbaum @ioerror 4h: @Cryptomeorg @ggreenwald @JesselynRadack The PGP message that I gave you is the original. The one you published is the same one, truncated.
9 April 2014. Jacob Appelbaum @ioerror: @Cryptomeorg @ggreenwald @JesselynRadack The one you published is also tampered with to change the PGP header text.
9 April 2014. Jacob Appelbaum @ioerror: @Green_Footballs Specifically because I assert that it isn't evidence that PGP is "broken" as @Cryptomeorg was stating. Big difference!
[Note: Cryptome did not claim PGP was broken, see below.]
8 April 2014.
Key tampering and forgery excerpts added by Cryptome.
http://www.gnupg.org/gph/en/manual/c235.html [Excerpt]
The GNU Privacy HandbookChapter 3. Key Management
Key tampering is a major security weakness with public-key cryptography. An eavesdropper may tamper with a user's keyrings or forge a user's public key and post it for others to download and use. For example, suppose Chloe wants to monitor the messages that Alice sends to Blake. She could mount what is called a man in the middle attack. In this attack, Chloe creates a new public/private keypair. She replaces Alice's copy of Blake's public key with the new public key. She then intercepts the messages that Alice sends to Blake. For each intercept, she decrypts it using the new private key, reencrypts it using Blake's true public key, and forwards the reencrypted message to Blake. All messages sent from Alice to Blake can now be read by Chloe.
Good key management is crucial in order to ensure not just the integrity of your keyrings but the integrity of other users' keyrings as well. The core of key management in GnuPG is the notion of signing keys. Key signing has two main purposes: it permits you to detect tampering on your keyring, and it allows you to certify that a key truly belongs to the person named by a user ID on the key. Key signatures are also used in a scheme known as the web of trust to extend certification to keys not directly signed by you but signed by others you trust. Responsible users who practice good key management can defeat key tampering as a practical attack on secure communication with GnuPG.
http://www.pgp.net/pgpnet/pgp-faq/pgp-faq.html [Dated 1996-2002.]
[Excerpt]
http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-keys.html
Q: Can a public key be forged?
A: In short: not completely, but parts may be.
There are four components in a public key, each of which has its own weaknesses. The four components are user IDs, key IDs, signatures and the key fingerprint.
It is quite easy to create a fake user ID. If a user ID on a key is changed, and the key is then added to another keyring, the changed user ID will be seen as a new user ID and so it gets added to the ones already present. This implies that an unsigned user ID should never be trusted. Question Should I sign my own key? discusses this in more detail.
It is possible to create a key with a chosen key ID, as Paul Leyland explains:
A PGP key ID is just the bottom 64 bits of the public modulus (but only the bottom 32 bits are displayed with pgp -kv). It is easy to select two primes which when multiplied together have a specific set of low-order bits.
This makes it possible to create a fake key with the same key ID as an existing one. The fingerprint will still be different, though.
By the way, this attack is sometimes referred to as a DEADBEEF attack. This term originates from an example key with key ID 0xDEADBEEF which was created to demonstrate that this was possible.
There are currently no methods to create a fake signature for a user ID on someone's key. To create a signature for a user ID, you need the signatory's secret key. A signature actually signs a hash of the user ID it applies to, so you can't copy a signature from one user ID to another or modify a signed user ID without invalidating the signature.
Yes, it is possible to create a public key with the same fingerprint as an existing one, thanks to a design misfeature in PGP 2.x when signing RSA keys. The fake key will not be of the same length, so it should be easy to detect. Usually such keys have odd key lengths.
Paul Leyland provided the following technical explanation:
Inside a PGP key, the public modulus and encryption exponent are each represented as the size of the quantity in bits, followed by the bits of the quantity itself. The key fingerprint, displayed by pgp -kvc, is the MD5 hash of the bits, but NOT of the lengths. By transferring low-order bits from the modulus to the high-order portion of the exponent and altering the two lengths accordingly, it is possible to create a new key with exactly the same fingerprint.
Q: How do I detect a forged key?
A: As explained in question Can a public key be forged?, each component of the public key can be faked. It is, however, not possible to create a fake key for which all the components match.
For this reason, you should always verify that key ID, fingerprint, and key size correspond when you are about to use someone's key. And when you sign a user ID, make sure it is signed by the key's owner!
Similarly, if you want to provide information about your key, include key ID, fingerprint and key size.
Date: Tue, 8 Apr 2014 13:38:22 +0000Subject: disinformation about PGPFrom: Jacob Appelbaum To: John Young Hi John,I saw your latest leak about Glenn and Jesselyn using PGP to exchangeemails. I did some digging and I think you've come to the wrongconclusion about everything. Actually, I think you are actively beingplayed by someone to mess with everyone involved.The speculation about PGP being broken is probably incorrect. Itappears that Jesselyn sent that email to three different emailaddresses and the PGP encrypted message on Cryptome is truncated ortampered with in some fashion to remove evidence of the third key thatwas used. Only two of the three email addresses belonged to Glenn. Itwas also encrypted to three keys, Glenn, Jesselyn and to a third keythat is run by an unknown hostile party. The third likely belongs toyour leaker/source. The attacker published a PGP key for that addressto confuse people who are trying to communication with Glenn securely.This clearly confused Jesselyn or her PGP mail client. I do notbelieve that this is evidence of her or Glenn being compromised (otherthan the social engineering issue at hand) nor is this evidence of PGPbeing broken. Rather, it is a user interface security problem withiPGMail that is quite common with PGP/GnuPG in general.Here is the original PGP message that was sent:-----BEGIN PGP MESSAGE-----Version: iPGMail (2.0.7)hQEMA6C6768X1NCyAQf/Q1Ib2FDNkTffaxr3iITKJRTf+/oy1h63RIcjW4LY/R2MjPxlXgb5FSMOsUT60GAANFLB778koTx3EyO3uUy2zSuidXdP0SSO8E7LHlqNbR1PXnxRw/Krap6ItKqpBwP1/1mMXj9P4AxaeqEUlbWp43JgwKy9Q7GfdP29VRsKWqwjAKUM18c+bnDut2M7A7S6GQq1/5/93m27ja/XtHsfxZ6c9pPnYpJHT8LRD/0QjwtbtLUXqcbI5HjDOZvW122vw0/zgId3grTps9TRXXwYp+Xo/drsqq4gMV7zZzBfsPLoLnuC4Xor2E+TjfcUhtq6xwd/94hLtY0lNCMxboDqGYUCDAMx2wC5igxVIgEP/iQTwdBiuSMvQxc8M2rIIWIYchWfZzrdf1qylqY4qdTQtxQULYFgdvuw0pg6FvFeNvyzZfI5uJpZn1+fl+8Q/qefwJ9p20s7scW1Kh49tomdoJr95c+zdy91/L3xZy5mnb+iw+GzReZEA+5S9KlDnhYZBrPkNAYVgNuztvI1e6ddx6bmvXMqs83AaHk+vvl0s31My2wmYtfZ5JK2iOyKJCxEfjlCiWMd9qk2tjNmfF95jvHVvY/baN9ASVWKm7/TqelDHG3j3wUkqSq/l2vy+YckfrHsFlcQDVdWH1JCwAVI6R2u5wDe/Mz12pIXzREVXuhemU9rq3KBZouCATl1iJYTMVeoxhiqGIHDcwi/4ZgzVsgNiEHoFnUWSaNnz5WnTw5FvYujXqPsQneH9gww599FpFqkJK0jJKk/tcrKx8o07rceu0UF/MHp1/EchMcUUHRRQ6zRnesh6emognYfGoyAYf6mjjbIIjACDM3qfufw/xRABYc3B4kTTeHoCd3q3Z8VLauo1k79sxGXzXtMJnhG5b0nS1MQZ5qxzN6AzVOmBCYzo9Kvwm+oyBnta5QIQnPDSDoHR0Ih0uKXMXlpoq/I6r5grT6VT5nyF9GYyY3WNdAi7/lhl/RbMN4jdS2BHs4zyZkqeqD8HrC9qMjX7lNv/kV9q/vhA81h5eQgIynXhQEMA6pOaQO5QPdTAQf/WKCaE0ZCdDpQmNPCOyoAlFCAH94tD6aGtK1vkW5ABtHqtVL5Zujuko6nhjaYgKbbZa+ZJwFOQaBDqUiRXPbBZh2e5Or3l34nwmhiuN/mUl7kYlVcIt/4hWj3HUHUxgOm++E9JTZ334I8U82FB8DIJ/DEftDfIylILSIczr/PsP6zu1HD1b5VdhJv3vnK/c6DzGOdZZiMEcbmw1BZJEne+IKagCCXBis8qbKxh7yR7cqkUXAr7Le5Lhqzpom9i3/96Dpjieat+jiCjTLF2f4jx7k4KRYZi/zTq6YXw6tPeq7AJneG01dMQZH+uem5n16PgS08H+9oOfmK3cLWoIVyUtLB5gHUIl5EhCiWIj28YhT/mpA3TRcVfdPS6k3wXVIozED/Yhq10LXDJbyrctclXL637nuk+jpi0j9AO8Wn/OaVIIkOpaVV6nM98SrHrTnJjZTQNTR2RK7zpTNa8giBoTNPncDKgFOL4n96A9qntX5e18so5E4/CIETYw6vNs2a5M8WgJEVjdMeDBEcgyX8gv7rXIvwaUaMymw26EqId6YDEm14zV1Ds7PaYoq09TxJeaEVfat4YuRhFoMabAXO0MIE6f73wS2JliMjx7c2ZYN1wc+mbuTbKVziM6LmpoNnb9O8+XmnH6hJ31rtAykV6ot/VG+j8nqDf3vMnAM/uWxLtzmTazxNhAQyO2nWxw2TzlHTNKN5cirm4ckrZNCxF8VRbjzPaBxaXgsphdTybmxi/BBavPNfnhi5tM83B+vvtI0DvJNgWFCD4TVg+ZsA64RFKAgzSvTNjzRz2hpALHmd4ZvF605Y0TOV5+cinlXujw7BLjTBQqo2nM2TkNeU7SvHP1FYzCMas+r870pDLsn4RMRKxFKzPlNgyxD3Tc4+4T7qRGzh/HsIhz4TgJPKhOG8cE15Ts8y7GB+nkyzDZHMRpCk2ZXL3/P2NqBqBmsJEucxtPsmWk33d/P/F+y/5hTAiJhzdxEIaneOC8fSkUOVvccucpmPcIqEn5MSzBcdbNrrYXo668w5Y3jM3Q1rB+z34u7uOf/dlAZgXn5Rb6S3JmkjD18TqKL5Wz2QiHYNm+biHwNxitLa+RhkKicYwuF217zNe2ok2fhQsLc6LHV8eJUOBnxFNty32lU7eJiZFkSwmCm/F9EXbSVHQSWWEvZ6gq7mGiicPpyQutXjWoFArKcc8Dn1alW2NlsyZE9JeV93cdYXVY0zEuzFOnmHvLY6Y1t93/X5LQ===iT18-----END PGP MESSAGE-----Note that this decodes differently than the message you posted:Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes) New version(3) Key ID - 0xA0BAEFAF17D4D0B2 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(2047 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02Old: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes) New version(3) Key ID - 0x31DB00B98A0C5522 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(4094 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes) New version(3) Key ID - 0xAA4E6903B940F753 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(2047 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02New: Symmetrically Encrypted and MDC Packet(tag 18)(678 bytes) Ver 1 Encrypted data [sym alg is specified in pub-key encrypted session key] (plain text + MDC SHA1(20 bytes))Note the three keys used in that PGP encrypted message - your originalmessage only has two keys.0x31DB00B98A0C5522 is Glenn's correct key:pub 4096R/F48D6144 2014-01-19 [expires: 2015-01-19] Key fingerprint = F5E0 E7D1 0263 FD06 114E 2C6D EB84 CB43 F48D 6144uid Glenn Greenwald uid Glenn Greenwald sub 4096R/8A0C5522 2014-01-19 [expires: 2015-01-19]0xAA4E6903B940F753 is Jesselyn's correct key:pub 2048R/40359D2C 2013-07-16 [expires: 2017-07-16] Key fingerprint = C51E 5055 7C4E 1B22 60D6 9A15 84A3 2391 4035 9D2Cuid Jesselyn Radack sub 2048R/B940F753 2013-07-16 [expires: 2017-07-16]However if we look at 0xA0BAEFAF17D4D0B2 we see a third key that isleft out of your original message:pub 2048R/CC604FF1 2013-07-23 Key fingerprint = F3AB 523F 6B5E 75A0 B4F1 B987 5A2A D5A1 CC60 4FF1uid Glenn Greenwald sub 2048R/17D4D0B2 2013-07-23In summary: the above key is not Glenn's correct key and the aboveemail address is likely controlled by an attacker. The attacker didn'tneed to intercept email, they received the email directly fromJesselyn. The attacker didn't need to break PGP, it was encrypted to akey that they control because Jesselyn encrypted it to her key,Glenn's correct key and the attacker's key.Happy hacking,Jacob7 April 2014. Cryptome: Extracting keys from a message is easy with online key dumps such as http://www.pgpdump.net/cgi-bin/pgpdump . That does not mean keys extracted are bonafide or that a bonafide message has been decrypted. Spoof messages can be encrypted by falsely real keys giving the appearance of being authentic. Authentic keys can be obtained from key servers for confecting false messages. Distributing spoof keys and messages are a common technique for clouding and doubting comsec. That is a reason to publish this example for critique.
Cryptome is not aware of any reports of PGP being broken although allegations about it are commonplace. If there such bonafide reports please send: cryptome[at]earthlink.net.
7 April 2014
Jesselyn Radack Emails Glenn Greenwald
A sends:
Alleged Jesselyn Radack Email (BG may be Barton Gellman):
Hi Glenn,
Congrats on the McGill award!! I look forward to seeing you at Polks.
On that note, is my client making a surprise appearance? BG said you mentioned this to him at the Polk media event.
I won't tell anyone, including BG, if it's a surprise, but as his attorney, I'd like to know...and also what medium would be used (Google or the BEAMbot).
Thanks,
Jess
Alleged email message:
-----BEGIN PGP MESSAGE-----Version: GnuPG v1.4.14 (GNU/Linux)Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/hQEMA6pOaQO5QPdTAQf+J238hhBe17R1zGNCk3OB+LFfRoPwyYMG612FjqJd2FD/sg2048+UmvpoZxZyUAfCrcmySK7oj9SR26MJzT+WoQI+KTE86cOInpc7w/aInBb5dzfLGWM2w3U00nr1r8qS/IvVb5J9oAdPw1svnygvB1u8/ECjygS6gUWnX72LzOBtJ8W6YfhDjm1ct7B+JWMcmMa0c4WASbuGAz/MgZ1k/tddFrka10/I3YhLgnDwtMGPgCtcudx2SC06k88VnGrUH8f3iNcDJggSSA4sHtIDX+Naok17yCAGrNTbJmJA1ejWxeRzWq8qizS96KcQX0O2NYMMD5PlOx7lv0LTIGP2yYUCDAMx2wC5igxVIgEQAJtXK0h5EeJ3++hcwDzcw+YneUKgKhkiSIhVn5+OgvkSCxGqehBPLyiD5dYEHDAhieYxhZTsJO7JRoKq3lirE0z/0t4TpHv3W4YA2aLiztj3nQQeVUKlnhdtfejLLBiq2g/0LcCWzawpSo/NCzRrI4bWX2iy26MqwZCqTiiaiDU8yjh5m/b6cCzqq35P40i4zIVhdXwNc34vQl367OFFxs+qeVO1/+Di6WILqXKLodOOYAXRGHPne6KLsIBOl4aFEdal9f7/ijGIOukRsYCFTy08uZWEq4ttV5oP1dTlWrvieFbNZviaJ+YVQeD5UPYgJckUrGdUuuTTWHWZ+V1+y7YUYCZjVnAY+CZQhYSyLFCgFzLiIsbLtqxf1rPLigYVlTD0E7ZEWYuvNJApLzMoV3Nto50iqxWJWXbDWkGbTQjeF4Z3YJpDEAsLRjylHLjZV9dwdl8hye+ZW2IbrZlwvuu4E2dnqY2W1KsmfRR6AVSfnmDYb5u0+XUlIdh2sa5Q+AnnDJVIvti66uUXV2NHw7B5Y72vNcYDBVE1UBlsbY+VPYs5ONtrg7Ya3JMk0UjR/zttSs3vrmJ1VohJMAUfndKE3XHfAhJ2E0VYODaK8tPkX1d1FJAAH+VGuPd29+RQDGEHcODOfhOf9j1wEFn4uu875seRpbyYbfensq1084t90uoByMWg/HC/oL5DT7m39mFlpfDh+D1/p0rWYI9YUaYtVkwgy349BHg2DPCIDCAccmLgn4el5K3b/diKvYpkKnbkIWlGWenPr4cQynvIJJGK+Ljthq1AzIXhURxgnkNrzmMhuhJSMyj+29rVDPZLOrEHgyXtZ5lfGN0GUOST2J+J3lqMbW3QUPgOTwMiFderymAGThD0iZn5xcsFWjNpd6IaVxs2NYY0UF2bYzKsFtA/wGqgez/ES0rsw9fONjaTxRs1GRd/AV+evLLDSr0QQsoxB2NnZW5ZLK0/YcE5ClOd4It1UgSqQe4kE1K3s7+zmfmohL/YkfiVkJ6ZDa+3J/gnUJ5kKjVjv5GWcWa5HOOhaTMgMxmyZzDTWIpowr0B9o5fVkCsjZkqwnzF2Bb/KvzovMZIRF4DAbCHxIN9zuScGkIVRst/vCFWS49+Ve5k278I6l+yimrnPq/9NYh3tyXZ2gzjyWJi91Rz/+zn/pLi/cmvAc+QhW94NuZVzE/iIXyhee6+OB5o0cOJGZDAVOeCxxP+ekidL8e3T186GuBYXTOgRLo7vksbaZyJud2xybrnTyuRv5MxhEyaRpfC4b7O2SwdHaYSQfNHHDh0kF8ytLhW++f9s63JtJixTffInuAk1Efk6fo4qyNbFRW8EfNMv6KHyQHwlMZF1fpYWV5kQx4eH5RA74aQhcjg5EAuxCOs6M3U2DkXfrRomdhd4YZCiybUo4XZvOHQm40kmoIQXSShV7xCq9hZ9jHnx/pPMMXZpvlkCCRjvcshrLNTDQYmH3gT4onUy8RaHlmSGbsbAlvcY+1HQmjd9Oow+/L0UV2dxEgEUxd0+tecUW7VoDrlEv/ALwCrH2yxkiqUtFebQGccKvJyBs7X/8bfjP23O+VDcWwe3gqKxfk2hHI3+zgSrQHZWe7xQD2QIpIUGUU9JiHQprcRbIj/6o3p9aICNW+A7KILMzyRkSyI4FBr/6OLcFt8UK54wYkOGax4CTen5Y50wBJj+Ijf/BkmP9qgX52svJHnqUIOQgw8BFJy44lPjP+DruyItGeZigI8L12Wbh4VE5yJdQxkoc8DyFT7liD/pXju47nXt2t06EGmf8qboFRYyciBitPmk66dqgsabts0E6LliEiIw+bQYioW2GpqGKx32QjEIOTzROJ4V4FAkof9tcvidgyJPTOy8Bhmuhw+KdB30nO8BAKSsxIS1vniLFJYde5Kzwuha8ku5izN/OxokekiSFhnw4WBcXlLieMlk7NtDMKEYZ4MV/MIXydEGKFgyXBrgxlWFR4R/TY6SvLvJyRNowMtEWv3nj1kd12V0x0LF+1WO5tQIIt3cyGtYfRTtxBd29jsqwlgtnXR6UkKsUyimY9RwP9YdUwoReNXSfQVX/Ni0YOGokfayT10qvif7pe9chGLTOcqrhhqFI9BIvx9CH46J5HkZPL+Jxs82c3DNLXtvcFrs1+4qBI7CotbEL91Rd3cUW9opAch174jfIzwm/ETV1ON+apIUu1khpOQorCCpf+MKiYdf3amSHsr0UnYUMeiKZqBml37QLmLDSxZIcJQ6aNGh5UCN/N3/XInCdJuVfQ8+C7PbW2mff7YKGcTt15vIyAB+5emreTNfDBmoqzXaHr/hrjJupuorgI02yR4KeeXRBdvOmM/A+m144NF6ecc9PfVOArhtLc/4I2medAIYD/UvH6Td72EEQu9JAYyG6QBBwkOWI5onBaD4OBeK8vqF2kSkKY1NkPxsE2iDNpi6p5ajRyOHTFpCtBK83rG2wSjMBAdyqaiQH08OFxmuK3Z7BwEbOVcubxngy0SnXD9VRb7OHXg4mBT/0vl+DNmRpY6MoG6lM6c/jm3rma+WudWHDD1fjawBSyHOMALBxBZYTNbULmxVjz5f1mlxsXLhbqRFGM+EU+X28NzHVASIy/6kFOqIR2AHXNhEMLTZS2gxSjjTHoeeDjixtZdoTqulG/y+e88OXrBOBnb20tYS2VSwrKof16Aa1opwKRw/qRQl4NZfS0cLTLM/2HODNUR6EcS7LrhaP2LS8VTiiYSaX86Ml598EX5BCNfW3svQq4gDLt96pfR6JcyY8R0bFAhGncvJJ/bi/Fz7IVBitLPMJPbFT9bgrCxT/xRe4Q/GU0Ei+gqhQ===uwBf-----END PGP MESSAGE-----PGPdump Results [of message above]http://www.pgpdump.net/cgi-bin/pgpdumpOld: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes) New version(3) Key ID - 0xAA4E6903B940F753 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(2046 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02 Old: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes) New version(3) Key ID - 0x31DB00B98A0C5522 Pub alg - RSA Encrypt or Sign(pub 1) RSA m^e mod n(4096 bits) - ... -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02 New: Symmetrically Encrypted and MDC Packet(tag 18)(1024 bytes) partial start Ver 1 Encrypted data [sym alg is specified in pub-key encrypted session key] (plain text + MDC SHA1(20 bytes)) New: (512 bytes) partial continue New: (75 bytes) partial endKey Look-up http://sks.pkqs.net/http://sks.pkqs.net/pks/lookup?search=0xaa4e6903b940f753&fingerprint=on&op=index&exact=offSearch results for '0xaa4e6903b940f753'Type bits/keyID Date User IDpub 2048R/40359D2C 2013-07-16 Jesselyn Radack Fingerprint=C51E 5055 7C4E 1B22 60D6 9A15 84A3 2391 4035 9D2C Key Look-up http://sks.pkqs.net/http://sks.pkqs.net/pks/lookup?search=0x31DB00B98A0C5522&fingerprint=on&op=index&exact=offSearch results for '0x31db00b98a0c5522'Type bits/keyID Date User IDpub 4096R/F48D6144 2014-01-19 Glenn Greenwald Glenn Greenwald Glenn Greenwald Glenn Greenwald Fingerprint=F5E0 E7D1 0263 FD06 114E 2C6D EB84 CB43 F48D 6144