Symmetric encryption
David Shaw
dshaw at jabberwocky.com
Sun Jul 28 18:16:01 CEST 2002
On Sun, Jul 28, 2002 at 11:02:56AM -0400, Gordon Worley wrote:
> When I symmetrically encrypt a file, I have a few questions about what
> is generated:
>
> - Where is the key stored?
> - Is the passphrase used to protect a key? Is the passphrase the key?
It depends on what sort of symmetric encryption settings you use. By
default, GnuPG does the same sort of thing it does with public key
encryption - random session key, encrypt the data with the session
key, then encrypt the session key. The difference with --symmetric is
that it then encrypts the session key with your passphrase, rather
than with a public key. When --rfc1991 is specified, GnuPG just
encrypts the data itself with your passphrase. There are a few
possible ways to turn a passphrase into a key - see the "String-to-key
(S2K) specifiers" section in RFC 2440.
> - How is the output formatted? Can a program other than GnuPG decrypt
> it?
The format is fairly simple, and a program other then GnuPG or PGP can
certainly decrypt it. The exact details are in RFC 2440.
David
--
David Shaw | dshaw at jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
More information about the Gnupg-devel
mailing list