Key migration: rsa4096/0x673A03E4C1DB921F → ed25519/0x2404C9546E145360

Submitted by gwolf on Fri, 11/22/2019 - 20:08

Oh, the joys of life... I see myself forced to do a key migration.

No, no — Don't worry! My key didn't land in any hostile party's hands. And I still kinda-sorta-have access to it.

Let me explain. I was quite a happy user of a Yubikey, kindly given to me in mid-2018. As the recommendation goes, I backed up my master key's secret material to an offline medium, and kept the relevant subkeys in the Yubikey; I love knowing my computer does not have access to the private keys although it can use them — The Yubikey provides just the needed interfaces for them. And here they are:

$ gpg --list-secret-keys 
/home/gwolf/.gnupg/pubring.gpg
------------------------------
sec#  rsa4096/0x673A03E4C1DB921F 2009-07-09 [SC] [expires: 2020-12-19]
      Key fingerprint = AB41 C1C6 8AFD 668C A045  EBF8 673A 03E4 C1DB 921F
uid                   [ultimate] Gunnar Eyal Wolf Iszaevich 
uid                   [ultimate] Gunnar Eyal Wolf Iszaevich 
uid                   [ultimate] Gunnar Eyal Wolf Iszaevich (Instituto de Investigaciones Económicas UNAM) 
ssb>  rsa4096/0x92853D8CF7F6543F 2009-07-09 [E] [expires: 2020-12-19]
ssb>  rsa4096/0x80382A731F474556 2018-07-31 [E] [expires: 2020-12-19]
ssb>  rsa4096/0xA5F64FDEB981CD8C 2018-07-31 [S] [expires: 2020-12-19]
ssb>  rsa4096/0x49DD2A4E4979619C 2018-07-31 [S] [expires: 2020-12-19]
$ gpg --card-status 
(...)
Signature key ....: FA42 3AA0 6D8F E9ED 5D6C  5E42 A5F6 4FDE B981 CD8C
      created ....: 2018-07-31 03:29:09
Encryption key....: 0DE6 49DF 2778 E904 94B6  7952 9285 3D8C F7F6 543F
      created ....: 2009-07-09 23:20:40
Authentication key: 7C79 5E53 9968 8DDF 66F7  D620 49DD 2A4E 4979 619C
      created ....: 2018-07-31 03:31:16
General key info..: sub  rsa4096/0xA5F64FDEB981CD8C 2018-07-31 Gunnar Eyal Wolf Iszaevich 
sec#  rsa4096/0x673A03E4C1DB921F  created: 2009-07-09  expires: 2020-12-19
ssb>  rsa4096/0x92853D8CF7F6543F  created: 2009-07-09  expires: 2020-12-19
                                  card-no: 0006 05009847
ssb>  rsa4096/0x80382A731F474556  created: 2018-07-31  expires: 2020-12-19
                                  card-no: 0006 05009847
ssb>  rsa4096/0xA5F64FDEB981CD8C  created: 2018-07-31  expires: 2020-12-19
                                  card-no: 0006 05009847
ssb>  rsa4096/0x49DD2A4E4979619C  created: 2018-07-31  expires: 2020-12-19
                                  card-no: 0006 05009847

Until... One sad day, I discovered I could not decrypt documents sent to me anymore. While signing and encrypting do work:

$ date | gpg --encrypt --recipient 0x673A03E4C1DB921F --armor
-----BEGIN PGP MESSAGE-----
-----END PGP MESSAGE-----
$ date | gpg --clearsign 
gpg: using "C1DB921F" as default secret key for signing
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Fri 22 Nov 2019 06:31:42 PM CST
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

trying to decrypt the message does not get me very far:

$ date | gpg --encrypt --recipient 0x673A03E4C1DB921F --armor | gpg --decrypt
gpg: encrypted with 4096-bit RSA key, ID 0x80382A731F474556, created 2018-07-31
      "Gunnar Eyal Wolf Iszaevich "
gpg: public key decryption failed: Hardware problem
gpg: decryption failed: No secret key

And although the message is quite clear (public key decryption failed: Hardware problem), I spent far too many attempts at putting things upside down, trying and trying and trying to fix the issue. But no: Hardware problem means hardware problem. My Yubikey is somehow dead.

But it seems that... Even if I were able to bring it back from the dead, I would be doomed anyway: The USB key where I kept the backup for the master key material refuses to be read. Of course, I also gave it several attempts... All failed ☹ And, of course, I had it on just a single medium ☹ So even getting the Yubikey decryption back to life would only allow me to use my key until 2020-12-19.

So... What's left for me to do? I just generated a shiny new elliptic-curve key, and will as soon as possible migrate my Debian credentials to use it. Please note, I am not able to sign my new key with the old one, as only the master key has Certification ability. So, the next best thing is a migration statement. I am inlining it here for convenience; if you want to check it, you can either:

$ wget https://gwolf.org/files/transition_statement.asc -O - | gpg --verify

Or just run gpg --verify and paste as its input the following text:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I am Gunnar Wolf, and I am transitioning away from my
rsa4096/0x673A03E4C1DB921F key, to ed25519/0x2404C9546E145360. The
reason for this transition is two simultaneous cases(!) of broken
hardware.

My old key is still usable until its expiry date, but I am unable to
use it for decryption; please use only my new key.

If you have signed my old key, please consider signing the new one;
this file is signed with both keys as a proof I do have control over
them. Please note my old key is unable to certify the new one, so it
is not yet signed.

 -={ Old key, which I am transitioning _away_ from }=-

pub   rsa4096/0x673A03E4C1DB921F 2009-07-09 [SC] [expires: 2020-12-19]
      Key fingerprint = AB41 C1C6 8AFD 668C A045  EBF8 673A 03E4 C1DB 921F
uid                   [ultimate] Gunnar Eyal Wolf Iszaevich 
uid                   [ultimate] Gunnar Eyal Wolf Iszaevich 
uid                   [ultimate] Gunnar Eyal Wolf Iszaevich (Instituto de Investigaciones Económicas UNAM) 

 -={ New key, which I am transitioning to }=-

pub   ed25519/0x2404C9546E145360 2019-11-22 [SC] [expires: 2022-11-21]
      Key fingerprint = 4D14 0506 53A4 02D7 3687  049D 2404 C954 6E14 5360
uid                   [ unknown] Gunnar Wolf 
uid                   [ unknown] Gunnar Eyal Wolf Iszaevich 
uid                   [ unknown] Gunnar Wolf 

The new key has been uploaded to pool.sks-keyservers.net. If you
decide to sign my new key, I'd prefer if you mail it to me via
(i.e. using caff).

Thank you very much,

      - Gunnar
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
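
A plain gpg --verify reports a good signature from any key in the local keyring, so checking a transition statement like the one above means confirming that both primary fingerprints actually signed it. The following shell functions are an added example, not part of the original post: they parse GnuPG's --status-fd output, and the function names and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm a transition statement is signed by BOTH keys.
# Primary-key fingerprints as printed in the post, spaces removed.
OLD_FPR=AB41C1C68AFD668CA045EBF8673A03E4C1DB921F
NEW_FPR=4D14050653A402D73687049D2404C9546E145360

# Reads `gpg --status-fd 1 --verify` output on stdin. Succeeds only if no
# signature failed and each fingerprint passed as an argument appears as
# the primary key of a VALIDSIG line.
signed_by_all() {
    status=$(cat)
    # One bad or unverifiable signature fails the whole statement.
    if printf '%s\n' "$status" | grep -Eq '^\[GNUPG:\] (BADSIG|ERRSIG) '; then
        return 1
    fi
    # VALIDSIG fields: $3 is the key that made the signature (often a
    # subkey held on a token), $12 is the primary key it belongs to.
    primaries=$(printf '%s\n' "$status" |
        awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" { print (NF >= 12 ? $12 : $3) }')
    for want in "$@"; do
        printf '%s\n' "$primaries" | grep -qxF "$want" || return 1
    done
    return 0
}

# Hypothetical wrapper: verify a statement file against the local keyring.
verify_transition() {
    gpg --status-fd 1 --verify "$1" 2>/dev/null |
        signed_by_all "$OLD_FPR" "$NEW_FPR"
}

# Constructed sample status lines (timestamps invented): the old key signs
# with its card-held signing subkey, the new key with its primary key.
SAMPLE_OK='[GNUPG:] VALIDSIG FA423AA06D8FE9ED5D6C5E42A5F64FDEB981CD8C 2019-11-22 1574460000 0 4 0 1 8 01 AB41C1C68AFD668CA045EBF8673A03E4C1DB921F
[GNUPG:] VALIDSIG 4D14050653A402D73687049D2404C9546E145360 2019-11-22 1574460001 0 4 0 22 8 01 4D14050653A402D73687049D2404C9546E145360'
```

After importing both public keys, verify_transition transition_statement.asc returns success only when both primary keys have signed the file.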

I will be soon meeting with two DDs, so in any case, this key will be in shape to enter our keyring. Thank you very much for following so far!

(...And yes — This time I made two separate offline media backups for my master key material :-Þ)


paperkey

I would recommend using paperkey for the future.


Paperkey - Of course!

...But, given my previous key was created ~10 years ago... I know at some point I printed it (not with paperkey, just as a regular printout of gpg --armor --export-secret-keys $mykey — anyway)... But I don't know where it is stored :-Þ That's one of the reasons it took me so long to do the migration.
