commit dkgpg for openSUSE:Factory
Hello community,
here is the log from the commit of package dkgpg for openSUSE:Factory checked
in at 2019-07-22 17:18:17
Comparing /work/SRC/openSUSE:Factory/dkgpg (Old)
and /work/SRC/openSUSE:Factory/.dkgpg.new.4126 (New)
Package is "dkgpg"
Mon Jul 22 17:18:17 2019 rev:10 rq:717436 version:1.1.3
Changes:
--- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2019-06-03
18:50:57.300525126 +0200
+++ /work/SRC/openSUSE:Factory/.dkgpg.new.4126/dkgpg.changes2019-07-22
17:18:18.569962338 +0200
@@ -1,0 +2,13 @@
+Mon Jul 22 06:44:53 UTC 2019 - Karol Babioch
+
+- Update to version 1.1.3:
+This is a bugfix release that includes only three minor improvements: a
+direct-key signature (0x1f) for the primary key is added by default such
+that restricting key servers (e.g. keys.openpgp.org) can deliver a
+cryptographically checkable key without verification of any included
+user ID or without appended subkey. The command line interface of
+dkg-decrypt has been improved in order to give users an easy access to
+the symmetric-key decryption mode. An additional option ("-5") for
+dkg-sign allows to generate V5 signatures (cf. draft RFC 4880bis).
+
+---
Old:
dkgpg-1.1.2.tar.gz
dkgpg-1.1.2.tar.gz.sig
New:
dkgpg-1.1.3.tar.gz
dkgpg-1.1.3.tar.gz.sig
Other differences:
--
++ dkgpg.spec ++
--- /var/tmp/diff_new_pack.U4xfnk/_old 2019-07-22 17:18:19.085961927 +0200
+++ /var/tmp/diff_new_pack.U4xfnk/_new 2019-07-22 17:18:19.085961927 +0200
@@ -17,7 +17,7 @@
Name: dkgpg
-Version:1.1.2
+Version:1.1.3
Release:0
Summary:Distributed Key Generation (DKG) and Threshold Cryptography
for OpenPGP
License:GPL-2.0-or-later
++ dkgpg-1.1.2.tar.gz -> dkgpg-1.1.3.tar.gz ++
7556 lines of diff (skipped)
commit dkgpg for openSUSE:Factory
Hello community,
here is the log from the commit of package dkgpg for openSUSE:Factory checked
in at 2019-06-03 18:50:55
Comparing /work/SRC/openSUSE:Factory/dkgpg (Old)
and /work/SRC/openSUSE:Factory/.dkgpg.new.5148 (New)
Package is "dkgpg"
Mon Jun 3 18:50:55 2019 rev:9 rq:706877 version:1.1.2
Changes:
--- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2019-04-30
13:05:26.441932392 +0200
+++ /work/SRC/openSUSE:Factory/.dkgpg.new.5148/dkgpg.changes2019-06-03
18:50:57.300525126 +0200
@@ -1,0 +2,21 @@
+Sun Jun 2 08:25:15 UTC 2019 - Karol Babioch
+
+- Update to version 1.1.2:
+This release adds a lot of features to some programs: two new options
+("-K" and "-f") allow dkg-keysign to read the certification key from a
+keyring instead of a single key block file. Moreover, with option "-a"
+an interactive confirmation by the user is required for each signature.
+Passive support of V5 keys (cf. draft RFC 4880bis) has been added for
+all programs, however, dkg-generate still generates V4 keys only,
+because this new feature of the draft is not widely spread. There is
+also a new encryption capability: an empty KEYSPEC tells dkg-encrypt to
+create a symmetric-key encrypted session key, i.e., the user has to
+supply a passphrase for encryption and decryption without any public-key
+cryptography involved. Last but not least, two bugs have been fixed:
+First, dkg-decrypt failed on many ZIP-compressed OpenPGP messages with
+"ZLIB ERROR: -3 invalid block type" due to a bug in decompression logic.
+Second, dkg-decrypt failed in a special case of symmetric-key encrypted
+session keys. Finally, the non-installing program dkg-fuzzer (generates
+fuzzy samples of somehow corrupted OpenPGP stuctures) has been added.
+
+---
Old:
dkgpg-1.1.1.tar.gz
dkgpg-1.1.1.tar.gz.sig
New:
dkgpg-1.1.2.tar.gz
dkgpg-1.1.2.tar.gz.sig
Other differences:
--
++ dkgpg.spec ++
--- /var/tmp/diff_new_pack.VFVjEw/_old 2019-06-03 18:50:57.932524908 +0200
+++ /var/tmp/diff_new_pack.VFVjEw/_new 2019-06-03 18:50:57.932524908 +0200
@@ -17,7 +17,7 @@
Name: dkgpg
-Version:1.1.1
+Version:1.1.2
Release:0
Summary:Distributed Key Generation (DKG) and Threshold Cryptography
for OpenPGP
License:GPL-2.0-or-later
@@ -28,7 +28,7 @@
Source3:%{name}.keyring
BuildRequires: gcc-c++
BuildRequires: gmp-devel >= 4.2
-BuildRequires: libTMCG-devel >= 1.3.15
+BuildRequires: libTMCG-devel >= 1.3.18
BuildRequires: libbz2-devel
BuildRequires: libgcrypt-devel >= 1.6
BuildRequires: libgpg-error-devel >= 1.12
++ dkgpg-1.1.1.tar.gz -> dkgpg-1.1.2.tar.gz ++
7592 lines of diff (skipped)
commit dkgpg for openSUSE:Factory
Hello community,
here is the log from the commit of package dkgpg for openSUSE:Factory checked
in at 2019-04-30 13:05:24
Comparing /work/SRC/openSUSE:Factory/dkgpg (Old)
and /work/SRC/openSUSE:Factory/.dkgpg.new.5536 (New)
Package is "dkgpg"
Tue Apr 30 13:05:24 2019 rev:8 rq:698935 version:1.1.1
Changes:
--- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2018-12-11
15:48:34.402157382 +0100
+++ /work/SRC/openSUSE:Factory/.dkgpg.new.5536/dkgpg.changes2019-04-30
13:05:26.441932392 +0200
@@ -1,0 +2,13 @@
+Sun Apr 28 13:14:20 UTC 2019 - Karol Babioch
+
+- Update to version 1.1.1:
+Some small improvements have been applied for dkg-generate: Two new
+options ("-u" and "-N") allow providing the initial user ID and to
+disable the passphrase at command line. Moreover, since this release
+dkg-timestamp and dkg-timestamp-verify require a special key usage flag
+from recent RFC 4880bis draft to select so-called timestamping keys.
+Finally, the synchronization time of the internally used broadcast
+protocol was reduced to a more reasonable amount and in dkg-decrypt the
+detection of end of data for message and decryption shares was changed.
+
+---
Old:
dkgpg-1.1.0.tar.gz
dkgpg-1.1.0.tar.gz.sig
New:
dkgpg-1.1.1.tar.gz
dkgpg-1.1.1.tar.gz.sig
Other differences:
--
++ dkgpg.spec ++
--- /var/tmp/diff_new_pack.sh5Npw/_old 2019-04-30 13:05:27.213931695 +0200
+++ /var/tmp/diff_new_pack.sh5Npw/_new 2019-04-30 13:05:27.213931695 +0200
@@ -1,7 +1,7 @@
#
# spec file for package dkgpg
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: dkgpg
-Version:1.1.0
+Version:1.1.1
Release:0
Summary:Distributed Key Generation (DKG) and Threshold Cryptography
for OpenPGP
License:GPL-2.0-or-later
++ dkgpg-1.1.0.tar.gz -> dkgpg-1.1.1.tar.gz ++
15270 lines of diff (skipped)
commit dkgpg for openSUSE:Factory
Hello community, here is the log from the commit of package dkgpg for openSUSE:Factory checked in at 2018-12-11 15:48:31 Comparing /work/SRC/openSUSE:Factory/dkgpg (Old) and /work/SRC/openSUSE:Factory/.dkgpg.new.19453 (New) Package is "dkgpg" Tue Dec 11 15:48:31 2018 rev:7 rq:656870 version:1.1.0 Changes: --- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2018-11-13 17:08:17.047000774 +0100 +++ /work/SRC/openSUSE:Factory/.dkgpg.new.19453/dkgpg.changes 2018-12-11 15:48:34.402157382 +0100 @@ -1,0 +2,11 @@ +Mon Dec 10 15:02:40 UTC 2018 - atoptsog...@suse.com + +- Update to version 1.1.0: +This release supports Authenticated Encryption with Associated Data (AEAD) +in accordance to RFC 4880bis (draft); this can be enforced with the new +added option "-a" when dkg-(d)encrypt is used. For using domain parameters, +as described in RFC 7919, one should specify the new option "-r", when +dkg-gencrs is used. Last, for key generation (dkg-generate) the timestamp +option was added ( "--timestamping") which sets a key usage flag. + +--- Old: dkgpg-1.0.9.tar.gz dkgpg-1.0.9.tar.gz.sig New: dkgpg-1.1.0.tar.gz dkgpg-1.1.0.tar.gz.sig Other differences: -- ++ dkgpg.spec ++ --- /var/tmp/diff_new_pack.bLYAut/_old 2018-12-11 15:48:35.378156305 +0100 +++ /var/tmp/diff_new_pack.bLYAut/_new 2018-12-11 15:48:35.382156300 +0100 @@ -17,7 +17,7 @@ Name: dkgpg -Version:1.0.9 +Version:1.1.0 Release:0 Summary:Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP License:GPL-2.0-or-later ++ dkgpg-1.0.9.tar.gz -> dkgpg-1.1.0.tar.gz ++ 2561 lines of diff (skipped)
commit dkgpg for openSUSE:Factory
Hello community,
here is the log from the commit of package dkgpg for openSUSE:Factory checked
in at 2018-11-13 16:57:58
Comparing /work/SRC/openSUSE:Factory/dkgpg (Old)
and /work/SRC/openSUSE:Factory/.dkgpg.new (New)
Package is "dkgpg"
Tue Nov 13 16:57:58 2018 rev:6 rq:648405 version:1.0.9
Changes:
--- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2018-09-24
13:12:54.497743900 +0200
+++ /work/SRC/openSUSE:Factory/.dkgpg.new/dkgpg.changes 2018-11-13
17:08:17.047000774 +0100
@@ -1,0 +2,12 @@
+Mon Nov 12 07:52:43 UTC 2018 - Karol Babioch
+
+- Update to version 1.0.9
+This release improves the possibilities of DKGPG further. With the new
+programs dkg-adduid and dkg-revuid an user ID can be added and revoked,
+respectively. The program dkg-revoke now supports a human-readable
+reason for revocation (by option "-R") and dkg-decrypt verifies an
+included signature according to a given key ring (option "-k"). Last
+but not least, by the program dkg-addrevoker an external revocation
+key can be specified.
+
+---
Old:
dkgpg-1.0.8.tar.gz
dkgpg-1.0.8.tar.gz.sig
New:
dkgpg-1.0.9.tar.gz
dkgpg-1.0.9.tar.gz.sig
Other differences:
--
++ dkgpg.spec ++
--- /var/tmp/diff_new_pack.Xy78M0/_old 2018-11-13 17:08:17.730999884 +0100
+++ /var/tmp/diff_new_pack.Xy78M0/_new 2018-11-13 17:08:17.734999879 +0100
@@ -12,12 +12,12 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: dkgpg
-Version:1.0.8
+Version:1.0.9
Release:0
Summary:Distributed Key Generation (DKG) and Threshold Cryptography
for OpenPGP
License:GPL-2.0-or-later
@@ -28,7 +28,7 @@
Source3:%{name}.keyring
BuildRequires: gcc-c++
BuildRequires: gmp-devel >= 4.2
-BuildRequires: libTMCG-devel >= 1.3.14
+BuildRequires: libTMCG-devel >= 1.3.15
BuildRequires: libbz2-devel
BuildRequires: libgcrypt-devel >= 1.6
BuildRequires: libgpg-error-devel >= 1.12
++ dkgpg-1.0.8.tar.gz -> dkgpg-1.0.9.tar.gz ++
19655 lines of diff (skipped)
commit dkgpg for openSUSE:Factory
Hello community,
here is the log from the commit of package dkgpg for openSUSE:Factory checked
in at 2018-09-24 13:12:50
Comparing /work/SRC/openSUSE:Factory/dkgpg (Old)
and /work/SRC/openSUSE:Factory/.dkgpg.new (New)
Package is "dkgpg"
Mon Sep 24 13:12:50 2018 rev:5 rq:637010 version:1.0.8
Changes:
--- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2018-07-18
22:52:52.807171765 +0200
+++ /work/SRC/openSUSE:Factory/.dkgpg.new/dkgpg.changes 2018-09-24
13:12:54.497743900 +0200
@@ -1,0 +2,33 @@
+Thu Sep 13 07:13:51 UTC 2018 - Karol Babioch
+
+- Update to version 1.0.8:
+First of all, passive support for ECDSA, ECDH, and EdDSA (cf. RFC 6637
+and Werner Koch's draft RFC 4880bis) has been added by relying on the
+most recent version of LibTMCG. The threshold signature scheme and the
+threshold encryption are still limited to finite field cryptography
+(i.e. DSA and ElGamal). Moreover, the programs generate and recognize
+a few other new OpenPGP features (e.g. issuer fingerprint subpackets)
+from RFC 4880bis. Compressed messages are now decompressed by the
+program dkg-decrypt using zlib Compression Library (and optionally by
+library routines from libbzip2). This completes DKGPG's compatibility
+with other OpenPGP software, however, the prefered compression algorithm
+(i.e. "no compression") in self-signatures of generated keys is kept
+for now. Support for symmetric-key decryption by dkg-decrypt has been
+added too. The program dkg-verify now reads the signature from a file,
+if option "-s" is used. To keep track of later protocol changes, all
+interactive programs include a version identifier in their common ID of
+the reliable broadcast channel. Thus programs from previous releases
+will not communicate with those of this release. With the new programs
+dkg-timestamp and dkg-timestamp-verify a OpenPGP timestamp signature
+can be generated and verified, respectively. Last but not least, by the
+new option "-y" some programs (dkg-generate, dkg-decrypt, dkg-sign,
+dkg-keysign, and dkg-timestamp) will work with regular OpenPGP keys too.
+The README file contains a configuration sample showing how to replace
+classic PGP by DKGPG in the famous mail user agent mutt based on this
+option. Please note that this feature is experimental and semantics
+may be changed later.
+- Added new build requirements:
+ * zlib
+ * bzip2
+
+---
Old:
dkgpg-1.0.7.tar.gz
dkgpg-1.0.7.tar.gz.sig
New:
dkgpg-1.0.8.tar.gz
dkgpg-1.0.8.tar.gz.sig
Other differences:
--
++ dkgpg.spec ++
--- /var/tmp/diff_new_pack.GasJUm/_old 2018-09-24 13:12:55.037742954 +0200
+++ /var/tmp/diff_new_pack.GasJUm/_new 2018-09-24 13:12:55.037742954 +0200
@@ -17,7 +17,7 @@
Name: dkgpg
-Version:1.0.7
+Version:1.0.8
Release:0
Summary:Distributed Key Generation (DKG) and Threshold Cryptography
for OpenPGP
License:GPL-2.0-or-later
@@ -28,9 +28,11 @@
Source3:%{name}.keyring
BuildRequires: gcc-c++
BuildRequires: gmp-devel >= 4.2
-BuildRequires: libTMCG-devel >= 1.3.13
+BuildRequires: libTMCG-devel >= 1.3.14
+BuildRequires: libbz2-devel
BuildRequires: libgcrypt-devel >= 1.6
BuildRequires: libgpg-error-devel >= 1.12
+BuildRequires: zlib-devel
%description
The Distributed Privacy Guard (DKGPG) implements Distributed Key
++ dkgpg-1.0.7.tar.gz -> dkgpg-1.0.8.tar.gz ++
26396 lines of diff (skipped)
commit dkgpg for openSUSE:Factory
Hello community,
here is the log from the commit of package dkgpg for openSUSE:Factory checked
in at 2018-07-18 22:52:39
Comparing /work/SRC/openSUSE:Factory/dkgpg (Old)
and /work/SRC/openSUSE:Factory/.dkgpg.new (New)
Package is "dkgpg"
Wed Jul 18 22:52:39 2018 rev:4 rq:621611 version:1.0.7
Changes:
--- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2018-03-24
16:14:15.245932955 +0100
+++ /work/SRC/openSUSE:Factory/.dkgpg.new/dkgpg.changes 2018-07-18
22:52:52.807171765 +0200
@@ -1,0 +2,11 @@
+Mon Jul 9 05:33:30 UTC 2018 - kbabi...@suse.com
+
+- Update to 1.0.7:
+ * Small improvments due to the new OpenPGP structures from libTMCG
+ * "-k" option has been added to further programs
+ * OpenPGP cleartext signatures can be generated with the "-t" option
+ * Output of potentially malicious user IDs has been sanitized in
+dkg-keycheck, dkg-keyinfo, and dkg-keysign
+- Applied spec-cleaner
+
+---
Old:
dkgpg-1.0.6.tar.gz
dkgpg-1.0.6.tar.gz.sig
New:
dkgpg-1.0.7.tar.gz
dkgpg-1.0.7.tar.gz.sig
Other differences:
--
++ dkgpg.spec ++
--- /var/tmp/diff_new_pack.shqYRm/_old 2018-07-18 22:52:53.219170399 +0200
+++ /var/tmp/diff_new_pack.shqYRm/_new 2018-07-18 22:52:53.219170399 +0200
@@ -17,19 +17,19 @@
Name: dkgpg
-Version:1.0.6
+Version:1.0.7
Release:0
Summary:Distributed Key Generation (DKG) and Threshold Cryptography
for OpenPGP
-License:GPL-2.0+
+License:GPL-2.0-or-later
Group: Productivity/Security
-Url:https://www.nongnu.org/dkgpg/
+URL:https://www.nongnu.org/dkgpg/
Source:
https://download.savannah.gnu.org/releases/dkgpg/%{name}-%{version}.tar.gz
Source2:
https://download.savannah.gnu.org/releases/dkgpg/%{name}-%{version}.tar.gz.sig
Source3:%{name}.keyring
BuildRequires: gcc-c++
BuildRequires: gmp-devel >= 4.2
-BuildRequires: libTMCG-devel >= 1.3.12
-BuildRequires: libgcrypt-devel >= 1.7
+BuildRequires: libTMCG-devel >= 1.3.13
+BuildRequires: libgcrypt-devel >= 1.6
BuildRequires: libgpg-error-devel >= 1.12
%description
@@ -66,7 +66,8 @@
%make_install
%files
-%doc AUTHORS BUGS ChangeLog COPYING NEWS README TODO
+%license COPYING
+%doc AUTHORS BUGS ChangeLog NEWS README TODO
%{_bindir}/dkg-*
%{_mandir}/man1/*%{ext_man}
++ dkgpg-1.0.6.tar.gz -> dkgpg-1.0.7.tar.gz ++
28837 lines of diff (skipped)
commit dkgpg for openSUSE:Factory
Hello community,
here is the log from the commit of package dkgpg for openSUSE:Factory checked
in at 2018-03-24 16:14:13
Comparing /work/SRC/openSUSE:Factory/dkgpg (Old)
and /work/SRC/openSUSE:Factory/.dkgpg.new (New)
Package is "dkgpg"
Sat Mar 24 16:14:13 2018 rev:3 rq:589665 version:1.0.6
Changes:
--- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2018-02-18
11:45:47.570216125 +0100
+++ /work/SRC/openSUSE:Factory/.dkgpg.new/dkgpg.changes 2018-03-24
16:14:15.245932955 +0100
@@ -1,0 +2,27 @@
+Wed Mar 21 08:25:45 UTC 2018 - kbabi...@suse.com
+
+- Update to version 1.0.6:
+ * dkg-keysign: added option "-k" (keyring with external keys)
+ * dkg-encrypt: added option "-k" (keyring with external keys)
+ * dkg-verify: added option "-k" (keyring with external keys)
+ * dkg-keycheck: added option "-k" (keyring with external keys)
+ * dkg-keycheck: added output of allowed external revocation keys
+ * dkg-encrypt: added option "-s" to select appropriate subkey
+ * dkg-encrypt: renamed option "-z" to "-t" for convenience
+ * dkg-keysign: include only exportable signatures to output
+ * check and set strict permissions (0600) for private key file
+ * dkg-sign: added option "-U" (policy URI) and improved manpage
+ * dkg-refresh: support generic verification and public key parsing
+ * dkg-keysign: added options "-1" through "-3" (validation level)
+ * dkg-keysign: added option "-u" (select user IDs) for CLT18
+ * dkg-keysign: support generic verification and public key parsing
+ * dkg-verify: support generic verification and public key parsing
+ * dkg-encrypt: support generic encryption and public key parsing
+ * dkg-generate: added no-modify key server preferences (0x80)
+ * improved error handling for unrecognized OpenPGP (sub)packets
+ * dkg-keycheck: changed semantics of option "-r" (reduce subkeys)
+ * dkg-keycheck: uses new public-key block parser from LibTMCG
+ * new default domain parameter set (CRS) due to LibTMCG changes
+ * raised the requirement of libgcrypt version to >= 1.7.0
+
+---
Old:
dkgpg-1.0.5.tar.gz
dkgpg-1.0.5.tar.gz.sig
New:
dkgpg-1.0.6.tar.gz
dkgpg-1.0.6.tar.gz.sig
Other differences:
--
++ dkgpg.spec ++
--- /var/tmp/diff_new_pack.zv8STq/_old 2018-03-24 16:14:16.317894313 +0100
+++ /var/tmp/diff_new_pack.zv8STq/_new 2018-03-24 16:14:16.325894025 +0100
@@ -17,19 +17,19 @@
Name: dkgpg
-Version:1.0.5
+Version:1.0.6
Release:0
Summary:Distributed Key Generation (DKG) and Threshold Cryptography
for OpenPGP
License:GPL-2.0+
Group: Productivity/Security
-URL:https://www.nongnu.org/dkgpg/
+Url:https://www.nongnu.org/dkgpg/
Source:
https://download.savannah.gnu.org/releases/dkgpg/%{name}-%{version}.tar.gz
Source2:
https://download.savannah.gnu.org/releases/dkgpg/%{name}-%{version}.tar.gz.sig
Source3:%{name}.keyring
BuildRequires: gcc-c++
BuildRequires: gmp-devel >= 4.2
-BuildRequires: libTMCG-devel >= 1.3.9
-BuildRequires: libgcrypt-devel >= 1.6
+BuildRequires: libTMCG-devel >= 1.3.12
+BuildRequires: libgcrypt-devel >= 1.7
BuildRequires: libgpg-error-devel >= 1.12
%description
++ dkgpg-1.0.5.tar.gz -> dkgpg-1.0.6.tar.gz ++
20817 lines of diff (skipped)
commit dkgpg for openSUSE:Factory
Hello community, here is the log from the commit of package dkgpg for openSUSE:Factory checked in at 2018-02-18 11:45:43 Comparing /work/SRC/openSUSE:Factory/dkgpg (Old) and /work/SRC/openSUSE:Factory/.dkgpg.new (New) Package is "dkgpg" Sun Feb 18 11:45:43 2018 rev:2 rq:577617 version:1.0.5 Changes: --- /work/SRC/openSUSE:Factory/dkgpg/dkgpg.changes 2018-02-12 10:14:46.354461801 +0100 +++ /work/SRC/openSUSE:Factory/.dkgpg.new/dkgpg.changes 2018-02-18 11:45:47.570216125 +0100 @@ -1,0 +2,5 @@ +Sat Feb 10 13:32:34 UTC 2018 - jeng...@inai.de + +- Trim/compact long description for size, and wrap at 70 cols. + +--- Other differences: -- ++ dkgpg.spec ++ --- /var/tmp/diff_new_pack.tASIdw/_old 2018-02-18 11:45:48.478183530 +0100 +++ /var/tmp/diff_new_pack.tASIdw/_new 2018-02-18 11:45:48.482183387 +0100 @@ -33,11 +33,27 @@ BuildRequires: libgpg-error-devel >= 1.12 %description -The Distributed Privacy Guard (DKGPG) implements Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material. +The Distributed Privacy Guard (DKGPG) implements Distributed Key +Generation (DKG) and Threshold Cryptography for OpenPGP. The +generated public keys are RFC4880 compatible and can be used by e.g. +GnuPG. The main purpose of this software is distributing power among +multiple parties, eliminating single points of failure, and +increasing the difficulty of side-channel attacks on private key +material. -DKGPG consists of a bunch of simple command-line programs. The current implementation is in experimental state and should NOT be used in production environments. Motivation, cryptographical background and some usage scenarios have been presented at 26th Krypto-Tag (GI Working Group) and Datengarten/81 (CCCB). Please consult the slides for a first overview. +DKGPG consists of a number of command-line programs. The current implementation +is in experimental state and should NOT be used in production environments. -Using well-established multi-party protocols a shared private key and a common public key (currently only DSA/ElGamal) is generated. Then further interactive protocols perform the private operations like decryption and signing of files, provided that a previously defined threshold of parties/devices take part in the distributed computation. Due to the interactiveness of the protocols a lot of messages between participating parties have to be exchanged in a secure way. We employ GNUnet, and in particular its mesh routed CADET service, to establish private and broadcast channels for this message exchange. However, as alternative to GNUnet a simple TCP/IP based service for message exchange is included. With torsocks and port-forwarding of a local hidden service this allows running the interactive programs over the well-known TOR network. +A shared private key and a common public key (currently only +DSA/ElGamal) are generated. Further interactive protocols perform the +private operations like decryption and signing of files, provided +that a previously defined threshold of parties/devices take part in +the distributed computation. Due to the interactiveness of the +protocols, a lot of messages between participating parties have to be +exchanged in a secure way. GNUnet's mesh-routed CADET srvice is used +to establish private and broadcast channels for this message +exchange. A TCP/IP-based service is included as an alternative. It +may be combined with torsocks and NAT of a local hidden service. %prep %setup -q
