gpg on windows

[Werner Koch]

Eugene Cheipesh <eugene@wallstreetnet.com> writes:

> I am trying to use gpg under windows. My first question if of security. In
> the manual it sais that random number generation is not tested under
> windows. I was wondering if I inport a public/private key pair from a linux
> machine (which should have secure algorithms) would that remedy the problem?

importing and exporting is not a problem.  But as soon as you use a
secret key and especially if you _sign_ a message you have to care
about the RNG - a bad RNG may leak out your secret key.

I think the Windows RNG is pretty good and not worser than one other
security software uses.

> If I encrypt a file to be read only by a curtain user is the whole file
> getting envcrypted using public/private algorithm or does gpg generate a
> symetrik key and just encrypts that and stores it at the begining of the
> file ?

Yes.  The performance of symmetric algorithms is by some orders of
magnitude higher than the one of public key algorithms.  No encryption
program uses a public key algorithm to encrypt a bulk data.

> 3) Doubt anyboyd knows but ...
> Is there a way to force windows mail clients to have an outgoing filter? ex:
> OutlookExpress. If not is there any other way to have them work w/ gpg?

I hoe there is a way as I am going to do something like this.  AFAIK
there is some plugin for PGP

> when I use gpg it displays a msg that I do not have secure memory, what
> exactly does that mean? Is it reffering to swap or what?

See the man page; about the last section.  Yes, is refers to paging
memory out to disk.  You get rid of the warning by putting a
"no-secmem-warning" into your ~/.gnupg/options file.

> PS: Please do not flame me for using windows. 2 of my 3 computers are linux

No problem.  MS-Windows is not the primary goal but on popular demand
(and by getting paid for it) I did this port and will continue to work
on it.


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013