Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If Edward Snowden does have a pgp key (I can't find one online), it hasn't been revealed in this message. It looks like the signing and encryption keys are the same:

  gpg: armor: BEGIN PGP MESSAGE
  gpg: armor header: Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
  gpg: armor header: Comment: GPGTools - http://gpgtools.org
  :pubkey enc packet: version 3, algo 1, keyid 5B50940B79DEBE35
          data: [4096 bits]
  gpg: public key is 79DEBE35
  :encrypted data packet:
          length: unknown
          mdc_method: 2
  gpg: encrypted with RSA key, ID 79DEBE35
  gpg: decryption failed: secret key not available
Of course, they could have used --hidden-encrypt-to, but I think it's more likely a publicity stunt.

Oh, and if you do find a key claiming to be for Edward Snowden online, verify that it's actually him, ideally through the web of trust, and that it isn't just a key that was created after the news was leaked. I'd be wary of any keys on keyservers claiming to be him that have been uploaded after he went public with this.



If --hidden-encrypt-to is used, there still will be signs of that. Specifically, the message addressed to 0x0000000 and the recipient will basically brute force it uses every key he/she has.

Having said, that, according to PGP Dump

  Old: Public-Key Encrypted Session Key Packet(tag 1)(524 bytes)
        New version(3)
        Key ID - 0x5B50940B79DEBE35
        Pub alg - RSA Encrypt or Sign(pub 1)
        RSA m^e mod n(4096 bits) - ...
                -> m = sym alg(1 byte) + checksum(2 bytes) + 
  PKCS-1 block type 02
  New: Symmetrically Encrypted and MDC Packet(tag 18)(4096 
  bytes) partial start
        Ver 1
        Encrypted data [sym alg is specified in pub-key 
  encrypted session key]
  
                (plain text + MDC SHA1(20 bytes))
  New:    (1024 bytes) partial continue
  New:    (18 bytes) partial end
It looks like we can merely see that the message is destined to 0x5B50940B79DEBE35. We won't be able to tell who's signer until it is decrypted.


Ah, thanks. I learned something new today.


Well, there's now a key matching that ID on subkeys.pgp.net:

    $ gpg --recv-key '0x5B50940B79DEBE35'
    gpg: requesting key 79DEBE35 from hkp server subkeys.pgp.net
    gpg: key 2BE0BC29: public key "Verax (Informed Democracy Front)" imported
    gpg: Total number processed: 1
    gpg:               imported: 1  (RSA: 1)
Claims to have been created May 20, 2013, though it's only self-signed:

    $ gpg --list-sigs 2BE0BC29
    pub   4096R/2BE0BC29 2013-05-20
    uid                  Verax (Informed Democracy Front)
    sig 3        2BE0BC29 2013-05-20  Verax (Informed Democracy Front)
    sub   4096R/79DEBE35 2013-05-20
    sig          2BE0BC29 2013-05-20  Verax (Informed Democracy Front)


There's no way to tell when a key was uploaded to a keyserver without the keyserver's logs.


But that's metadata. You dont need a court order for THAT!

Oh wait. That plan only works for federal agencies and secret courts. Never mind.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: