Changing signature algorithms

Newton Hammet newton@hammet.net
Thu Oct 17 05:11:02 2002


MindFuq wrote:
> 
> I'm using GPG version 1.0.7 (stock), which is capable of the following
> algorithms:
> 
>   Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
>   Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
>   Hash: MD5, SHA1, RIPEMD160
> 
> My problem is that I can't find the switch to create a non-SHA1 hash.
> I want to sign using MD5 or RipeMD160.

To find out which hashes you are using:

gpg --edit-key <yourkeyid>
Command> showpref
pub  2048R/05BD84B4  created: 2002-09-26 expires: 2003-09-26 trust: u/u
(1). Newton Hammet (TreeFlyer Global Resources) <newton@hammet.net>
     Cipher: TWOFISH, AES, CAST5, 3DES
     Hash: SHA1, RIPEMD160
     Compression: ZLIB, ZIP

To find the corresponding codes (use the 'pref' command, aka 'expert'):

Command> pref
pub  2048R/05BD84B4  created: 2002-09-26 expires: 2003-09-26 trust: u/u
(1). Newton Hammet (TreeFlyer Global Resources) <newton@hammet.net>
     S10 S7 S3 S2 H2 H3 Z2 Z1 [mdc]

The pref command gives a list of codes, the first char determining
what the algo is (S=symmetric-key-algo, H=hash, Z=compression)
and the following number the specific algorithm.

A mapping of numbers for most algorithms is available here:
(obtained from 'include/cipher.h' in the source distro)

CIPHER_ALGO_NONE        0
CIPHER_ALGO_IDEA        1
CIPHER_ALGO_3DES        2
CIPHER_ALGO_CAST5       3
CIPHER_ALGO_BLOWFISH    4
CIPHER_ALGO_SAFER_SK128 5
CIPHER_ALGO_DES_SK      6
CIPHER_ALGO_RIJNDAEL    7
CIPHER_ALGO_RIJNDAEL192 8
CIPHER_ALGO_RIJNDAEL256 9
CIPHER_ALGO_TWOFISH     10
CIPHER_ALGO_SKIPJACK    101
CIPHER_ALGO_TWOFISH_OLD 102
CIPHER_ALGO_DUMMY       110
PUBKEY_ALGO_RSA         1
PUBKEY_ALGO_RSA_E       2
PUBKEY_ALGO_RSA_S       3
PUBKEY_ALGO_ELGAMAL_E   16
PUBKEY_ALGO_DSA         17
PUBKEY_ALGO_ELGAMAL     20
DIGEST_ALGO_MD5         1
DIGEST_ALGO_SHA1        2
DIGEST_ALGO_RMD160      3

So with this pattern, the hash MD5 is represented by 'H1'.

Example: we want CIPHER=TWOFISH, DIGEST(HASH)=MD5,
COMPRESSION=ZLIB; then, to set algorithm preferences:

Command> setpref S10 H1 Z2
Command> updpref

and save changes before quitting; that should update you to the above
algorithm choices.

>
> Another problem is that with the --cipher-algo switch, I cannot change
> the algorithm used to encrypt the hash on my signature.  In fact, this
> switch won't even let me select the default DSA algorithm.
> 
> I'm guessing that the answer to my second question is that the
> algorithm used to encrypt the hash is determined by my key.  Is that
> correct?  If so, then what is the --cipher-algo switch used for?
> 
> Then I tried to generate an RSA key, and was told it could only be
> used to sign messages.  Why can't it be used for encryption?  To
> confuse things, I ran a 'showpref' on the key, and it did not list any
> asymmetric ciphers, not even RSA; but it did list symmetric ciphers:
> AES, CAST5, 3DES.  How are these ciphers used with a key that can only
> sign?  My understanding of a signature is that the hash is encrypted
> with an asymmetric key, not a symmetric key.

This is true: 'showpref' does not show the asymmetric ciphers.

If you look at the choices for your primary key, RSA is for sign only.

However, after generating an RSA signing key you can add an RSA
encrypting key as a sub-key, again using:

gpg --edit-key <yourkeyid>

==================== sample I ran on my workstation
Command> addkey
Key is protected.

You need a passphrase to unlock the secret key for
user: "yakoff smirnoff (i am an rsa key) <treeflyr@io.com>"
1024-bit RSA key, ID DDAC44C2, created 2002-10-17

Please select what kind of key you want:
   (2) DSA (sign only)
   (3) ElGamal (encrypt only)
   (4) ElGamal (sign and encrypt)
   (5) RSA (sign only)
   (6) RSA (encrypt only)
Your selection? 6
==================== end of sample

You will then get a choice for an RSA signing key, and also an RSA
encrypting key.  Pick option '6'...

The software doesn't allow RSA keys to be used for both signing
and encryption because there are too many ways that a message can
be recovered, due to the fact that 'signing' means multiplying
the message by the private key, and encrypting means multiplying
the message by the public key.  Note that decrypting is equivalent
to signing.

I hope this short answer helps answer your question. Let me
know if you need more information.

Regards, Newton
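
Added example (not part of the original message, and not GnuPG code): a small Python helper that decodes a 'pref' code string into the names 'showpref' prints, builds a 'setpref' argument from names, and lists the hash preferences that have published collision attacks. The numbers come from the include/cipher.h listing quoted above; the Z1/Z2 mapping is inferred from the sample output, and the function names and the collision check are assumptions of this example.

```python
import re

# Numbers from the include/cipher.h listing quoted in the message;
# names are written the way showpref prints them (RIJNDAEL shows as AES).
SYMMETRIC = {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "BLOWFISH",
             7: "AES", 8: "AES192", 9: "AES256", 10: "TWOFISH"}
HASH = {1: "MD5", 2: "SHA1", 3: "RIPEMD160"}
# Assumption: Z1/Z2 inferred from the message's sample (ZLIB, ZIP <-> Z2 Z1).
COMPRESSION = {1: "ZIP", 2: "ZLIB"}
TABLES = {"S": ("Cipher", SYMMETRIC), "H": ("Hash", HASH),
          "Z": ("Compression", COMPRESSION)}
# Not from the message: digests with published collision attacks.
COLLISION_BROKEN = {"MD5", "SHA1"}


def decode_prefs(line):
    """Turn 'S10 S7 H2 Z2 [mdc]' into a showpref-style view, keeping order."""
    out = {"Cipher": [], "Hash": [], "Compression": [], "flags": []}
    for tok in line.split():
        if tok.startswith("[") and tok.endswith("]"):
            out["flags"].append(tok[1:-1])  # feature flags such as [mdc]
            continue
        m = re.fullmatch(r"([SHZ])(\d+)", tok)
        if not m:
            raise ValueError(f"not a preference code: {tok!r}")
        label, table = TABLES[m.group(1)]
        num = int(m.group(2))
        if num not in table:
            raise ValueError(f"unknown {label.lower()} number in {tok!r}")
        out[label].append(table[num])
    return out


def encode_prefs(ciphers=(), hashes=(), compression=()):
    """Build the argument string for 'setpref' from algorithm names."""
    parts = []
    for letter, names in (("S", ciphers), ("H", hashes), ("Z", compression)):
        reverse = {name: num for num, name in TABLES[letter][1].items()}
        parts += [f"{letter}{reverse[name.upper()]}" for name in names]
    return " ".join(parts)


def weak_hashes(line):
    """Hash preferences in 'line' that are collision-broken, in list order."""
    return [h for h in decode_prefs(line)["Hash"] if h in COLLISION_BROKEN]


if __name__ == "__main__":
    sample = "S10 S7 S3 S2 H2 H3 Z2 Z1 [mdc]"  # pref output from the message
    print(decode_prefs(sample))
    print(encode_prefs(["TWOFISH"], ["MD5"], ["ZLIB"]))
    print(weak_hashes("S10 H1 Z2"))
```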