Random seed for symetric encryption

Nikolaus Rath Nikolaus at rath.org
Mon Jan 16 11:47:31 CET 2006


Henry Hertz Hobbit <hhhobbit at securemecca.net> writes:
>> >Now I wonder why GPG needs random data for symmetric
>> >encryption. Should I care about the message or not?
>> >And how can I make it disappear?
>
> The SHORT answer is, yes it does need random data for just doing
> symmetric encryption.  Yes, you should care about the message.
> To make the message  disapper create a public / private key with
> a passphrase that will NEVER be the same passphrase that is used
> for the encryption of your files.  If you never use it (don't
> send email messages that are signed or encrypted) make it
> something you are guaranteed to forget and never use again
> (repeatable random key strokes? - you need to type it twice).

I do have a public/private keypair which is regularly used. An the
random seed file actually exists. The warning is not always displayed
but only from time to time, just as if gpg ran out of randomness. So I
dare say that creating another keypair will not make it disappear,
will it?

Thanks,

   --Nikolaus

-- 
In Linux werden mehr Sicherheitslücken gefunden.
In Windows sind mehr Sicherheitslücken drin.
                                    -- Lutz Donnerhacke



More information about the Gnupg-users mailing list