RSA - IDEA Public Key Imports and Encrypts Fine with GNUPG...Why?

Adrian 'Dagurashibanipal' von Bidder avbidder at fortytwo.ch
Wed Dec 10 11:56:32 CET 2003


On Tuesday 09 December 2003 23:48, Ryan Lovelady wrote:
> I have a public RSA key that uses the IDEA cipher that was created using
> PGP.  GNUPG will allow me to import this key and encrypt files
> successfully...but I don't understand how it can do this if it has no
> support for IDEA.  I do not have the IDEA plug-in.  It doesn't make sense
> to me that it would be able to natively encrypt using the RSA/IDEA key.

IDEA is used in two places, AFAIK:
 - to protect the secret key (you said you imported the public key, so this 
doesn't apply here)
 - as symmetric algorithm in encryption

BUT: the use of IDEA for session encryption is only one of several 
possibilities - if you encrypt to a key, there is a choice of several 
algorithms the sender can use. One of these choices is IDEA, but another is 
3DES, which is always available. So if you encrypt messages *to* a key which 
indicates IDEA in its preferences, but IDEA is not available, gpg will chose 
3DES to encrypt the message.

Of course, this doesn't change the fact that you won't be able to decrypt 
messages encrypted with IDEA with a stock gnupg. So if you have such a 
(secret) key, the thing to do is change the preferences on that key and 
publish the new version of the key, and also (since people will use the old 
version still) get a version with idea enabled (I don't know anything about 
license issues, so you might not have that route available).

cheers
-- vbi

-- 
random link of the day: http://fortytwo.ch/sienapei/tieyiesh
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 331 bytes
Desc: signature
Url : /pipermail/attachments/20031210/b53bcc95/attachment.bin


More information about the Gnupg-users mailing list