proper key types

Atom 'Smasher' atom-gpg at
Mon Dec 15 14:49:51 CET 2003

using GPG to encrypt email from a PHP form forces me to set some liberal*
permissions to the keyring.

* liberal should not be confused with insane... the permissions and
ownerships are what they have to be; that keyring is not shared with
"real" users, and the secret key is kept far from the server. nonetheless,
for the web server to use the key, the web server needs to access the
keyring, and a compromised web server could compromise the keyring.

my understanding of ElGamal encryption is that if the same value of "k" is
used more than once, you're hosed. i don't entirely understand how the
"random_seed" file is used and updated, but my concern is if it's possible
that an attacker might manipulate that file (or some other component of
the keyring) that would cause "k" to repeat.

in such a case, would it be prudent to use an RSA encryption sub-key? or
would i still have a good (enough) chance of producing unique "k"s even if
the "random_seed" file is compromised?


 PGP key -
 3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3

	When cryptography is outlawed,
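
The concern raised in the message above about a repeated "k", as an added example that is not part of the original post: a toy ElGamal with constructed parameters and hypothetical function names, showing that two ciphertexts made with the same k share their first component, and that one known plaintext then determines the other. The second function is the check a defender can run over stored ciphertexts.

```python
# Toy ElGamal for illustration only. The modulus, base and all keys below are
# constructed demo values (assumptions), not GnuPG parameters or GnuPG code.
P = 2**127 - 1   # a Mersenne prime used as the field modulus
G = 3            # demo base

def keygen(x):
    """Public key y = g^x mod p for secret exponent x."""
    return pow(G, x, P)

def encrypt(m, y, k):
    """ElGamal ciphertext (c1, c2) = (g^k, m * y^k) mod p for ephemeral k."""
    return pow(G, k, P), (m * pow(y, k, P)) % P

def decrypt(ct, x):
    """Recover m = c2 / c1^x mod p."""
    c1, c2 = ct
    return (c2 * pow(pow(c1, x, P), -1, P)) % P

def recover_from_reused_k(ct_known, m_known, ct_other):
    """If both ciphertexts used the same k, then c2/c2' = m/m' (mod p),
    so m' = c2' * m * c2^-1. Returns None when c1 differs (k was fresh)."""
    (c1a, c2a), (c1b, c2b) = ct_known, ct_other
    if c1a != c1b:
        return None
    return (c2b * m_known * pow(c2a, -1, P)) % P

def find_reused_k(ciphertexts):
    """Defender-side check: indices of ciphertexts that share c1 = g^k."""
    seen = {}
    for i, (c1, _) in enumerate(ciphertexts):
        seen.setdefault(c1, []).append(i)
    return [idx for idx in seen.values() if len(idx) > 1]

if __name__ == "__main__":
    x = 123456789                      # constructed secret key
    y = keygen(x)
    m1 = int.from_bytes(b"session-key-A", "big")
    m2 = int.from_bytes(b"session-key-B", "big")
    k = 987654321                      # the ephemeral value that repeats
    ct1, ct2 = encrypt(m1, y, k), encrypt(m2, y, k)
    ct3 = encrypt(m2, y, k + 1)        # same message, fresh k
    print("repeated k leaks m2:", recover_from_reused_k(ct1, m1, ct2) == m2)
    print("fresh k leaks m2:   ", recover_from_reused_k(ct1, m1, ct3) == m2)
    print("ciphertexts sharing c1:", find_reused_k([ct1, ct3, ct2]))
```

RSA encryption as used in OpenPGP has no per-message exponent of this kind, which is the distinction the question about an RSA sub-key turns on.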
