Symmetric Encryption Requirement

Mark Jacobs mark.jacobs at
Fri Dec 19 11:37:59 CET 2003

On Friday 19 December 2003 10:41 am, David Shaw wrote:
> You can get the key with --show-session-key and write it to a file
> however you like, but it is unlikely you will be able to decrypt the
> data without doing some work, as OpenPGP programs use a special
> "OpenPGP cipher feedback mode" which may not be supported by your
> generic 3DES implementation.
> David

I tried to get the session key for the Symmetric Encrypted file, but it never
displayed anything.  Looking through the GNUPG archive messages I found
the statement that --show-session-key only works with public/private key
encrypted files not Symmetric. It also said that the session key for these
files is created by a SHA1 has of the passphrase entered. Is this true?

I tried --show-session-key on a file encrypted to my own public key and was
shown a 192 bit key as expected.

Is the session key stored in the encrypted file or regenerated from the entered
pass phrase during decryption. If it is stored in the encrypted file, I need to strip
if from the file prior to decryption on the mainframe (assuming I can't get GNUPG
to port)

Mark Jacobs
Time Customer Service, Tampa FL
Time Warner


What are the facts? Again and again and again --- 
what are the facts? Shun wishful thinking, ignore 
divine revelation, forget what "the stars foretell", 
avoid opinion, Care not what the neighbors think, 
never mind the unguessable "verdict of history" --- 
what are the facts, and to how many decimal places? 
You pilot always in to an unknown future; facts are
your only chance. Get the facts!
-- Lazarus Long
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: signature
Url : /pipermail/attachments/20031219/52a05485/attachment.bin

More information about the Gnupg-users mailing list