-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 On 06/04/2006 10:36 PM, [EMAIL PROTECTED] wrote: > Firstly, in pure RSA/ElGamal etc, there is no passphrase U - there's > numbers p,q,g,a,b, etc. Only when you encrypt. > The way I understand it: > Your secret key is encrypted using your passphrase. Your passphrase > essentially acts as a symmetric key, one never stored anywhere except > your head. Am I correct in the belief that this is how it works? I > imagine it's some type of hashing or somesuch. If you don't want to > give all the details of transformation from passphrase to key, that's > okay, just want to make sure I understand it. Almost correct.
> Secondly, Using the option --symmetric creates a .gpg file and prompts > you for a passphrase that the symmetric key is based on. Decrypting a > Symmetric-ly Encrypted file is done by generic --decrypt option, and > the header, non-encrypted part of the file says "Hey this is > symmetric, prompt for a passphrase" Right. > Thirdly, GPG is based upon a hybrid system entirely. Only when you use public key encryption. > The data of any file is ALWAYS encrypted symmetrically, and a symmetric > key is made for each encryption use. It is called "session key". > The symmetric key used is then encrypted with the public key of the > recipient and the whole thing is bundled together. OK. > If I'm encypting something already zipped or compressed in any other > method, I should use -z 0 because trying to compress it further isn't > likely to do much, and it will slow down the processing - right? Gnupg is aware of different compression algos(bzip2, zlib, zip) and when encounters such a compressed file disable compression automatically. > RSA & ElGamal use keys around 1024-2048 usually. 1024 RSA/ElGamal is considered semi-weak. > EC uses 160-224 bit keys, but is based on mostly different math > (it may be equivalent at some level, but I'm neither aware nor able > to understand anythig beyond yes or no on that topic). > AES uses 256 bit. It's not allowed to go over 256 bit. This is because > it's an entirely different area of cryptography? This is because AES doesn't allow this. Stop. > Block Ciphers as opposed to integer factorization, > discrete logs, or curvature? And comparing key lengths between the > three areas (IF/DS, EC, Block) without any normalization You could read NIST Special Pubblication 800-57 section 5.6.1 about this issue. > Some questions I couldn't find answers too online: > RSA, ElGamal - I've always learned them as Asymmetric Ciphers - Public > Key/Private Key. What algorithm does GPG use for the symmetric side > of things? What's the size of the key? (the size of the key chosen > for the Keypair?) gpg --versions shows supported algorithms. Many symmetric ciphers allow only a fixed length key by desing(IDEA, CAST5, 3DES); others(AES, TWOFISH, BLOWFISH) can be used with different key sizes, but only AES is used in such a way in OpenPGP. > For encryption of documents to myself, I can: > - Use Symmetric Encryption with a passphrase of my choosing. But a > passphrase seems weaker than a full blown key. You still use a passphrase to protect the secret part of your keyring, this is the weak link of most cryptosystems. > - Is there an option to have a Symmetric Key, that behaves like both a > public and a private key? Obviously you'd have to not publish your > the key, but apart from that? If you must not publish it, what makes it a public key? Hmmm, some bells start ringing in my head. Is this a homework assignment? > --throw-keyid --encrypt-to-self will produce a file that, considering > all available information available in the file, is known ONLY to be > encrypted by GPG X.Y.Z with the private key of some individual. But > may only be decrypted by myself (because it's encrypted to myself). > Right? This is wrong twice. Guess why. > What would happen if I tried --symmetric --throw-keyid ? Try yourself. > Does ElGamal double the size of the encrypted document if used without > encryption? This is DEFINITELY a homework assignment! Ever heard of Google? It is the holy saint of high school students. - -- Q.E.D. ICQ UIN: 301825501 OpenPGP key ID: 0x58D14EB3 Key fingerprint: 00B9 3E17 630F F2A7 FF96 DA6B AEE0 EC27 58D1 4EB3 Check fingerprints before trusting a key! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEg1oSH+Dh0Dl5XacRA8KkAJ94z914Z6TMrpZzDX1/0P4V5dUnYgCghUPf BJkf7JeMVOQVfoGJTrjMSuY= =ajKl -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
