how to create a symmetric cipher

Wei Wu [H] wwu at dls.net
Tue Nov 14 23:39:43 CET 2006 

Good to know the details of this process.

I don't have a need to distribute data to other users, and simply need to
protect some local data and only the person with the key is allowed to
decrypt the data. That's the reason I want a symmetric key based solution.  

Thanks,
Wei

-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org]
On Behalf Of Joseph Oreste Bruni
Sent: Tuesday, November 14, 2006 4:17 PM
To: gnupg-users at gnupg.org
Subject: Re: how to create a symmetric cipher 

When you encrypt to a person's public key you are not using the  
public key to encrypt the data. First, a random session key is  
generated and used to encrypt the data using a symmetric cipher. Then  
only the session key is encrypted using the public key and appended  
to the file. The recipient uses his private key to decrypt the  
session key which is then used to decrypt the data via the symmetric  
cipher. This way you avoid passing symmetric keys in the clear.

If you are looking to build a custom solution, you might be better  
off looking at the OpenSSL crypto API.

Joe


On Nov 14, 2006, at 3:04 PM, Wei Wu [H] wrote:

> Thank you. As I said in my other posts, I don't want to use  
> passphrase based
> encryption, and am looking for key based solution.
>
> Also I don't need a private/public key-pair based solution as  
> symmetric key
> is more efficient.
>
> Regards,
> WW
>
>
> -----Original Message-----
> From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users- 
> bounces at gnupg.org]
> On Behalf Of Joseph Oreste Bruni
> Sent: Tuesday, November 14, 2006 3:41 PM
> To: gnupg-users at gnupg.org
> Subject: Re: how to create a symmetric cipher
>
> gpg --symmetric --encrypt
>
> The default is CAST5, but you can specify the algorithm using --
> cipher-algo
>
> -Joe
>
>
> On Nov 14, 2006, at 12:52 PM, Wei Wu [H] wrote:
>
>> Hi there,
>>
>> I want to create a symmetric cipher such as AES to encrypt some
>> data, and
>> think gpg (GnuPG Version 1.4.2.1) may do this. But I found it gives
>> only
>> three options, none is symmetric. I would appreciate if anyone can
>> point me
>> to another or way to do it?
>>
>> Regards,
>> WW
>>
>> gpg --gen-key
>>    (1) DSA and Elgamal (default)
>>    (2) DSA (sign only)
>>    (5) RSA (sign only)
>>
>>
>>
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users at gnupg.org
>> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>

More information about the Gnupg-users mailing list