Symmetric encryption

Gordon Worley redbird at
Sun Jul 28 19:01:02 CEST 2002

On Sunday, July 28, 2002, at 11:16  AM, David Shaw wrote:

> On Sun, Jul 28, 2002 at 11:02:56AM -0400, Gordon Worley wrote:
>> When I symmetrically encrypt a file, I have a few questions about what
>> is generated:
>> - Where is the key stored?
>> - Is the passphrase used to protect a key?  Is the passphrase the key?
> It depends on what sort of symmetric encryption settings you use.  By
> default, GnuPG does the same sort of thing it does with public key
> encryption - random session key, encrypt the data with the session
> key, then encrypt the session key.  The difference with --symmetric is
> that it then encrypts the session key with your passphrase, rather
> than with a public key.  When --rfc1991 is specified, GnuPG just
> encrypts the data itself with your passphrase.  There are a few
> possible ways to turn a passphrase into a key - see the "String-to-key
> (S2K) specifiers" section in RFC 2440.
>> - How is the output formatted?  Can a program other than GnuPG decrypt
>> it?
> The format is fairly simple, and a program other than GnuPG or PGP can
> certainly decrypt it.  The exact details are in RFC 2440.

Thanks.  One more question:  how do I know what cipher was used?  I see 
that I can set this using --cipher-algo and --s2k-cipher-algo (the 
former of course being the better way to do this), but when I 
symmetrically encrypt a file I'm not told anything until decryption, 
when it does show the algorithm that was used.  Is there any way to find 
this out before or during encryption?

Also, Marcus, if it isn't already in CVS, could you add the ability to 
set the cipher algorithm from GPGME?

Gordon Worley - Mac GPG Project              ``Doveriai no proveriai.''
redbird at                                --Russian proverb
PGP:  0xBBD3B003
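
The following is an added example, not part of the original message and not GnuPG code: a reader for the first packet of a binary OpenPGP message that reports the cipher and the S2K specifier fields laid out in RFC 2440, covering both the packet that carries an S2K specifier and the bare encrypted-data case. The function names, the algorithm-name tables (a subset of the IDs in RFC 2440 and its successor RFC 4880) and the sample bytes are constructed for illustration.

```python
# Added example: inspect the first packet of a binary (non-armored) OpenPGP
# message and report the cipher and S2K settings, following RFC 2440.
SYM = {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "BLOWFISH",
       7: "AES128", 8: "AES192", 9: "AES256", 10: "TWOFISH"}
HASH = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256"}
S2K = {0: "simple", 1: "salted", 3: "iterated+salted"}

def read_header(buf):
    """Return (tag, body_offset, body_length) of the first packet."""
    if len(buf) < 2 or not buf[0] & 0x80:
        raise ValueError("not a binary OpenPGP packet")
    if buf[0] & 0x40:                                   # new-format header
        tag, l0 = buf[0] & 0x3F, buf[1]
        if l0 < 192:
            return tag, 2, l0
        if l0 < 224:
            return tag, 3, ((l0 - 192) << 8) + buf[2] + 192
        if l0 == 255:
            return tag, 6, int.from_bytes(buf[2:6], "big")
        return tag, 2, None                             # partial body length
    tag, ltype = (buf[0] >> 2) & 0x0F, buf[0] & 0x03    # old-format header
    if ltype == 3:
        return tag, 1, None                             # indeterminate length
    n = 1 << ltype
    return tag, 1 + n, int.from_bytes(buf[1:1 + n], "big")

def describe(buf):
    """Summarise how a passphrase-encrypted message was protected."""
    tag, off, length = read_header(buf)
    if tag == 9:  # bare encrypted data: RFC 2440 5.7 implies IDEA, MD5(passphrase)
        return {"cipher": "IDEA", "s2k": "simple", "hash": "MD5", "session_key": False}
    if tag != 3 or length is None:
        raise ValueError("first packet is not a symmetric-key ESK packet")
    body = buf[off:off + length]
    if len(body) < 4 or body[0] != 4 or body[2] not in S2K:
        raise ValueError("unsupported or truncated ESK packet")
    need = 4 + {0: 0, 1: 8, 3: 9}[body[2]]              # fixed part + S2K fields
    if len(body) < need:
        raise ValueError("truncated S2K specifier")
    info = {"cipher": SYM.get(body[1], f"unknown({body[1]})"),
            "s2k": S2K[body[2]], "hash": HASH.get(body[3], f"unknown({body[3]})")}
    if body[2] in (1, 3):
        info["salt"] = body[4:12].hex()
    if body[2] == 3:                                    # decode the coded count octet
        info["count"] = (16 + (body[12] & 15)) << ((body[12] >> 4) + 6)
    info["session_key"] = len(body) > need              # optional encrypted key present
    return info

# Constructed sample: old-format tag 3, CAST5, iterated+salted SHA1, no stored key.
SAMPLE = bytes.fromhex("8c0d04030302" + "0102030405060708" + "60")
```

ASCII-armored input has to be dearmored before it is passed to `describe`; the `session_key` field only says whether the optional encrypted session key is present in the packet.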
