how to create a symmetric cipher
Wei Wu [H]
wwu at dls.net
Tue Nov 14 23:39:43 CET 2006
Good to know the details of this process.
I don't have a need to distribute data to other users, and simply need to
protect some local data and only the person with the key is allowed to
decrypt the data. That's the reason I want a symmetric key based solution.
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org]
On Behalf Of Joseph Oreste Bruni
Sent: Tuesday, November 14, 2006 4:17 PM
To: gnupg-users at gnupg.org
Subject: Re: how to create a symmetric cipher
When you encrypt to a person's public key you are not using the
public key to encrypt the data. First, a random session key is
generated and used to encrypt the data using a symmetric cipher. Then
only the session key is encrypted using the public key and appended
to the file. The recipient uses his private key to decrypt the
session key which is then used to decrypt the data via the symmetric
cipher. This way you avoid passing symmetric keys in the clear.
If you are looking to build a custom solution, you might be better
off looking at the OpenSSL crypto API.
On Nov 14, 2006, at 3:04 PM, Wei Wu [H] wrote:
> Thank you. As I said in my other posts, I don't want to use
> passphrase based
> encryption, and am looking for key based solution.
> Also I don't need a private/public key-pair based solution as
> symmetric key
> is more efficient.
> -----Original Message-----
> From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-
> bounces at gnupg.org]
> On Behalf Of Joseph Oreste Bruni
> Sent: Tuesday, November 14, 2006 3:41 PM
> To: gnupg-users at gnupg.org
> Subject: Re: how to create a symmetric cipher
> gpg --symmetric --encrypt
> The default is CAST5, but you can specify the algorithm using --
> On Nov 14, 2006, at 12:52 PM, Wei Wu [H] wrote:
>> Hi there,
>> I want to create a symmetric cipher such as AES to encrypt some
>> data, and
>> think gpg (GnuPG Version 126.96.36.199) may do this. But I found it gives
>> three options, none is symmetric. I would appreciate if anyone can
>> point me
>> to another or way to do it?
>> gpg --gen-key
>> (1) DSA and Elgamal (default)
>> (2) DSA (sign only)
>> (5) RSA (sign only)
>> Gnupg-users mailing list
>> Gnupg-users at gnupg.org
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
More information about the Gnupg-users