On Sun, Jan 22, 2012 at 07:48:28PM +0400, Sergey Matveev wrote: > As I understand, such asymmetric ciphers as RSA and/or ElGamal requires > strong padding applied before "message" is encrypted. Message is of > course the one-time session key, used to encipher the actual data.
To use them correctly and securely, yes. > There are different versions of PKCS#1, NESSIE, OAEP and other schemes > exist. How can I get which one is used? Trivial grep-ing through the > 1.4.10 source code (which one I am using) does not help me much. GnuPG uses PKCS #1 v1.5. This is specified in RFC 4880. > Moreover I did not find the way padding can be changed/specified for > example for RSA. You cannot choose a different padding scheme and remain in compliance with the OpenPGP standard. > I will be glad to understand what I am missing. If the standard allowed different padding schemes, then all implementations would have to support multiple padding schemes, which would be burdensome without providing significantly more security. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
