Encrypting with a vendor's public key

Leigh S. Jones, KR6X kr6x@kr6x.com
Thu Jun 27 18:02:02 2002


In order to encrypt a file, it is necessary to generate a random
number for use as an encryption key.  No, this is not the public
key that your vendor provided.  It's called a session key, and
is much smaller than the public key, often 168 bits for 3DES
or 128 bits for many other ciphers.  The session key is a
symmetric key, and it is encrypted with the public key and then
sent along with the encrypted file for use in decryption.  The
session key is decrypted using the secret key that matches
the public key, and then used to perform the actual decryption.

But if the session key is not generated with a good random
number generator then the quality of your encryption is poor.

Your message indicates that gpg hasn't found a high quality
random number generator.  It's been told to look for the random
number generator at `/home/meuser/.gnupg/entropy'.  The
solution is to place a random number generator at that location
or to place a link at that location to the actual random number
generator.

As for random number generators, there has been recent
discussion of the issue on the list.  But perhaps it would be
a good idea to look into the entropy gathering daemon, egd.
Or search the web (google.com?) for HPUX random number
generators.  The info is out there, and I'm sure that some of
the list members would be glad to reveal what they use and
where it can be found.

I'm running gpg 1.0.6 on HPUX, but don't use it for encryption
or for the creation of keys -- it's only used to create digital
signatures.  So my own HPUX installation never had an
RNG installed to gpg -- never needed one.


----- Original Message -----
From: "Mestack, Jim B." <JMestack@mc.utmck.edu>
To: <gnupg-users@gnupg.org>
Sent: Thursday, June 27, 2002 07:35
Subject: Encrypting with a vendor's public key


> Hello, I am new to gpg, and have a July 1 deadline.  We have just installed
> it on an HPUX machine.
>
> I have downloaded one of our vendor's public keys and --import fine.
>
> But when I attempt to encrypt a file using their key, I get the following
> error:
> gpg -r securekey --always-trust -o 20020627.gpg -e 20020627.opt
>
> gpg: fatal: can't connect to `/home/meuser/.gnupg/entropy': No such file or diry
> secmem usage: 2400/2400 bytes in 5/5 blocks of pool 2400/16384
>
> Can someone please help identify what this means and what I need to do to
> get it functioning.
>
> Thanks,
>
> James Mestack
> Interface Programmer/Analyst
> Cloverleaf, Datagate, Visual Basic, Cerner Millennium
>
> UT Health Systems, Inc.
> University of Tennessee Medical Center
> 9000 Executive Park Drive
> Building D, Suite 100
> Knoxville, TN  37923-4685
> (865) 251-3717
>
>
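
A preflight check for the failure discussed in this thread, as an added example that is not part of either message or of GnuPG. It assumes the entropy source is an EGD-style Unix domain socket that accepts connections (as the "can't connect" wording suggests); the function name `entropy_source_status` is hypothetical.

```python
import os
import socket
import stat


def entropy_source_status(path):
    """Classify the path gpg was told to connect to for random data.

    Returns one of: "missing", "dangling-link", "not-a-socket",
    "no-listener", "ok".
    """
    try:
        os.lstat(path)                  # does anything exist at the path?
    except FileNotFoundError:
        return "missing"                # the case in the quoted error
    try:
        st = os.stat(path)              # follows a symlink to its target
    except FileNotFoundError:
        return "dangling-link"          # link is there, the daemon socket is not
    if not stat.S_ISSOCK(st.st_mode):
        return "not-a-socket"           # e.g. a regular file placed there by mistake
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    s.settimeout(2.0)
    try:
        s.connect(path)                 # a stale socket file refuses the connection
    except OSError:
        return "no-listener"
    finally:
        s.close()
    return "ok"


if __name__ == "__main__":
    # Same location as in the thread, relative to the current user's home.
    default = os.path.join(os.path.expanduser("~"), ".gnupg", "entropy")
    print(default, "->", entropy_source_status(default))
```

Running this before a batch encryption job separates "nothing installed at the path" from "link or socket present but the daemon is not running", which produce different fixes.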