Sub Keys versus Session Keys
JanuszA.Urbanowicz
JanuszA.Urbanowicz
Wed Mar 20 18:16:02 2002
David Livingstone wrote/napisa=B3[a]/schrieb:
>=20
> The textbooks (e.g. William Stalling's Cryptography & Network Security,
> 2nded, page 359) refer to PGP using one-time session keys to encrypt
> messages.
That is true.
=20
> GnuPG seems to use subkeys to encrypt messages instead (see GNU Privacy
> Handbook, page 23).
> Is this a difference between PGP and GnuPG, or due to using ElGamal
> instead of RSA, or what ?
It is no difference at all. All OpenPGP apps use one-time session keys.
It is that rfc2440-compliant ones use other public keys (public subkeys)
to encrypt them. It is difference in PK management, not in session protocol.
Alex
--=20
C _-=3D-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling | | =
* =09
; (_O : +-------------------------------------------------------------+ --=
+~|=09
! &~) ? | P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka=
=BFde z=B3o | l_|/=09
A ~-=3D-~ O| Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po d=
no; | | =20