#7775 closed defect (not a bug)

cannot decrypt both encrypted & encrypted+signed emails in k9 mail+APG

Reported by: johnshaft
Owned by: ioerror
Priority: Medium
Milestone:
Component: Applications/TorBirdy
Version:
Severity:
Keywords:
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

<johnshaft> Using Thunderbird+TorBirdy, I send both an encrypted email and an encrypted+signed email to myself. When I attempt to decrypt it on Android k9-mail using APG it refuses.
<johnshaft> ?
<Hukka> Refuses?
<johnshaft> I can prepare a screengrab if need be.
<johnshaft> It throws a general exception: no suitable secret key found
<Hukka> Has it worked with other emails?
<johnshaft> Yes, only noticed this behaviour with TorBirdy.
<Hukka> Even with the same key?
<johnshaft> k9+APG can verify any signed email, not encrypted & encrypted+signed. Can anybody test to duplicate?
<johnshaft> If I don't use TorBirdy, with the same key, all is OK.
<Hukka> OK, so have you imported your secret key?
<Hukka> And are you able to read the mail sent with TorBirdy with any other client?
<johnshaft> My secret keys are in APG.

<johnshaft> I can decrypt+verify fine with Thunderbird+Enigmail for the same emails, not in k9+APG.

Child Tickets

Attachments (2)

screenshot-1355877283171.png (100.3 KB) - added by johnshaft 5 years ago.
Capture.PNG (94.2 KB) - added by johnshaft 5 years ago.


Change History (9)

Changed 5 years ago by johnshaft

comment:1 Changed 5 years ago by sukhbir

Based on the error message (no suitable secret key found), the reason for this can be that we are enabling --throw-keyids for gpg, i.e., gpg will not put the recipient key IDs into encrypted messages. So when you send an encrypted message using TorBirdy + Enigmail and try to decrypt it using APG, it is possible that because APG cannot find a recipient key and because it is not trying all the secret keys, it gives up and throws this error.

A good way to confirm this is: in TorBirdy's preferences, go to Privacy Settings and check the "Put the recipient key IDs into encrypted messages" option. Then try the above steps by sending an encrypted mail using TorBirdy and decrypting it using APG. You should be able to do so.

Changed 5 years ago by johnshaft

Attachment: Capture.PNG added

comment:2 Changed 5 years ago by johnshaft

I don't see the setting you mention?

I'm using Thunderbird Portable with a portable PGP install ...

comment:3 in reply to:  2 Changed 5 years ago by sukhbir

Replying to johnshaft:

I don't see the setting you mention?

I'm using Thunderbird Portable with a portable PGP install ...

Which version of TorBirdy are you using? It's there in the latest version 0.0.13 and was introduced in 0.0.12.


comment:4 Changed 5 years ago by sukhbir

Oh yes, sorry, the label was changed. In the version you are using, it is "Disable GPG --throw-keyids" (second option).

(We actually changed the label in the nightly build)

comment:5 Changed 5 years ago by johnshaft

Thanks,

I tested with this option disabled and was able to verify/decrypt all 3 scenarios.

Is leaving this setting disabled any less secure?
Or should I only disable it when I know the recipient uses k9+APG and leave it enabled all other times?

comment:6 Changed 5 years ago by sukhbir

If you are not sending encrypted messages with Thunderbird+TorBirdy, then this option has no effect.

If you are sending encrypted messages, it depends. From the GPG manual, having this enabled (which is the default in TorBirdy):

Do not put the recipient key IDs into encrypted messages. This helps to hide the receivers of the message and is a limited countermeasure against traffic analysis. ([Using a little social engineering anyone who is able to decrypt the message can check whether one of the other recipients is the one he suspects.]) On the receiving side, it may slow down the decryption process because all available secret keys must be tried.

To put it succinctly, if you have a key that is not public, you might want to leave this enabled (default behavior). To know why, follow the discussion on the tor-talk mailing list about this topic.

If your key is public and you plan to use APG in your case, you can disable this option safely. The only thing this leaks when enabled is your key ID and nothing else (again, assuming it is public already).

The reason why we have this opt-out was because many users were complaining that they didn't want to use --throw-keyids, so that is why it is there :)
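Comments 1 and 6 above describe the mechanism: with --throw-keyids, gpg writes a wildcard (all-zero) recipient key ID into the encrypted message's session-key packet, so a reader must try every available secret key instead of looking one up by ID. The following Python is an added example, not code from the ticket, TorBirdy, Enigmail or APG: it builds and parses constructed OpenPGP PKESK packets and shows how a key-ID-only lookup fails on a thrown ID while a try-all strategy does not.

```python
"""Parse OpenPGP PKESK (Public-Key Encrypted Session Key, RFC 4880 5.1) packets
and show why a gpg --throw-keyids message reads as 'no suitable secret key
found' to a client that only matches on the recipient key ID. Packets here are
constructed for the example; the MPI payload is a dummy, not real RSA data."""

WILDCARD_KEYID = b"\x00" * 8  # what --throw-keyids writes instead of the key ID

def parse_pkesk(packet: bytes) -> dict:
    """Return version, recipient key ID (hex), algorithm and whether the ID is thrown."""
    tag_byte = packet[0]
    if tag_byte & 0xC0 != 0xC0:
        raise ValueError("only new-format packet headers are handled here")
    tag = tag_byte & 0x3F
    first = packet[1]
    if first < 192:                       # one-octet body length
        body = packet[2:2 + first]
    elif first < 224:                     # two-octet body length
        body = packet[3:3 + ((first - 192) << 8) + packet[2] + 192]
    else:
        raise ValueError("five-octet and partial lengths not handled here")
    if tag != 1:
        raise ValueError(f"expected PKESK (tag 1), got tag {tag}")
    version, keyid, algo = body[0], body[1:9], body[9]
    return {"version": version, "keyid": keyid.hex().upper(),
            "algo": algo, "thrown": keyid == WILDCARD_KEYID}

def build_pkesk(keyid: bytes, mpi: bytes, algo: int = 1) -> bytes:
    """Construct a version-3 PKESK with a new-format header (demo input only)."""
    body = bytes([3]) + keyid + bytes([algo]) + mpi
    n = len(body)
    if n < 192:
        header = bytes([0xC1, n])
    else:
        header = bytes([0xC1, 192 + ((n - 192) >> 8), (n - 192) & 0xFF])
    return header + body

def decryption_candidates(pkesk: bytes, secret_keyids: list,
                          try_all_on_wildcard: bool) -> list:
    """Secret keys a client would try: key-ID-only matching (the behaviour the
    ticket describes for APG) yields [] for a thrown ID, hence the error."""
    info = parse_pkesk(pkesk)
    if info["thrown"]:
        return list(secret_keyids) if try_all_on_wildcard else []
    return [k for k in secret_keyids if k == info["keyid"]]

if __name__ == "__main__":
    mpi = b"\x08\x00" + b"\xAB" * 256    # dummy 2048-bit MPI (bit count + bytes)
    keys = ["0123456789ABCDEF", "FEDCBA9876543210"]
    for pkt in (build_pkesk(bytes.fromhex(keys[0]), mpi), build_pkesk(WILDCARD_KEYID, mpi)):
        print(parse_pkesk(pkt), decryption_candidates(pkt, keys, False))
```

With a real message, `gpg --list-packets` on the ciphertext shows the same thing: a thrown ID appears as keyid 0000000000000000 in the pubkey enc packet.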

comment:7 Changed 5 years ago by sukhbir

Resolution: not a bug
Status: new → closed

I hope this is resolved. In case it is not, please feel free to reopen this ticket.
