[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNUnet-developers] GNUnet 0.6.1b released

From: Christian Grothoff
Subject: Re: [GNUnet-developers] GNUnet 0.6.1b released
Date: Mon, 9 Feb 2004 16:03:27 -0500
User-agent: KMail/1.4.3

Hash: SHA1

This is a (forgotten) problem with libgcrypt.  The crypto library insists on 
checking that the key for the blowfish cypher is 'secure'.  Now, with ECRS we 
do not have a choice as towards what the key looks like and we use millions 
of them.  Which makes it likely that the unlikely case that one of these keys 
is 'weak' occurs.  In GNUnet's "gcry" adaptation the 'weak' check is disabled 
(it has no relevance for the security of the system), but it is enabled in 
libgcrypt (by default).
We should find out how to disable the check (and if it's not possible, ask the 
libgcrypt developers to add an API to disable it).  For now, the workaround 
is to use gcry (on x86 only) or OpenSSL.


On Monday 09 February 2004 08:21 am, Loïc Le Guyader wrote:
> Le 31 janvier 2004, Christian Grothoff, à bout, prit son clavier pour
> taper sur son écran:
> > You must run gnunet-check -ra to migrate from 0.6.1a (or earlier) to
> > 0.6.1b. Running gnunet-check -ra will fix the bloomfilter size, recover
> > the indexed content and possibly fix other problems.
> # gnunet-check -ra
> Feb  9 14:18:16 WARNING: GNUNET-CHECK/FIXED-PRIORITY in conf either <= 0 or
> missing Feb  9 14:18:16 WARNING: GNUNET-INSERT/CONTENT-PRIORITY in conf
> either <= 0 or missing Checking indexed files
> * [a filename]
> Feb  9 14:18:37 FAILURE: symcipher.c:encryptBlock: gcry_cipher_setkey
> failed (Weak encryption key)! Feb  9 14:18:37 FATAL: encryption failed!?Feb
>  9 14:18:37 __BREAK__ at logging.c:240 Abandon
> No useful information with -V.
> Have a nice day.
Version: GnuPG v1.0.7 (GNU/Linux)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]