how to create a symmetric cipher

Wei Wu [H] wwu at dls.net
Wed Nov 15 14:46:12 CET 2006


Yes. That's what I need. 
Thanks,
WW

-----Original Message-----
From: Sven Radde [mailto:sven at radde.name] 
Sent: Wednesday, November 15, 2006 12:46 AM
To: Wei Wu [H]
Cc: gnupg-users at gnupg.org
Subject: Re: how to create a symmetric cipher

Hello!

Wei Wu [H] wrote:
> The data to be protected resides on a fixed hard disk in a Windows computer.
> I have a tool on Windows platform that does encryption using either a
> passphrase or a key file. Use of a key file is recommended as it is more
> secure (assuming passphrases can be cracked relatively easily). The key file
> is expected to be stored separately in a removable disk. So I need a tool to
> create a key.
>
> I checked a few key tools such as java keytool and gpg, but their genkey
> option does not support the generation of a symmetric key/cipher.
No offense intended, but you are confusing the involved concepts quite
heavily.

What you need for your tool is merely a file filled with random data.
This "key" is totally different from what gnupg, java keytool, openssl
etc. use as keys for their sophisticated protocols.

However, gnupg offers to generate some random bytes using the
--gen-random command, which is probably what you need:

--gen-random /0|1|2/ [/count/]

    Emit COUNT random bytes of the given quality level. If count is not
    given or zero, an endless sequence of random bytes will be emitted.
    PLEASE, don't use this command unless you know what you are doing,
    it may remove precious entropy from the system!


So you would need to issue something like
"gpg --gen-random 2 32 > file.key" to generate a 32-byte (= 256-bit) file
full of random data to be used as a key by your other tool.
Note that I do not have an idea whether "0" or "2" is the highest
"quality" level for the random data. Probably others can clarify, but I
assume that 2 is highest quality.

HTH,
  Sven Radde
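
The command suggested above, wrapped as an added shell example that is not part of the original thread: it creates the key file with owner-only permissions, refuses to overwrite an existing key, and checks that exactly the requested number of bytes was written. The function name `make_keyfile`, the POSIX shell environment, and the `/dev/urandom` fallback used when gpg is not installed are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. make_keyfile is a hypothetical helper.
# Usage: make_keyfile PATH [BYTES]

make_keyfile() {
    out=$1
    count=${2:-32}    # 32 bytes = 256 bits, the size used in the thread

    [ -n "$out" ] || { echo "usage: make_keyfile PATH [BYTES]" >&2; return 2; }
    # A count of 0 makes --gen-random emit an endless stream, so reject it.
    case $count in
        ''|*[!0-9]*) echo "byte count must be a number" >&2; return 2 ;;
    esac
    [ "$count" -gt 0 ] || { echo "byte count must be > 0" >&2; return 2; }

    # Never overwrite: data encrypted under the old key would become unreadable.
    [ ! -e "$out" ] || { echo "$out exists, not overwriting" >&2; return 1; }

    (
        umask 077                 # key file readable by its owner only
        tmp="$out.tmp.$$"
        if command -v gpg >/dev/null 2>&1; then
            gpg --gen-random 2 "$count" > "$tmp"
        else
            # Assumption: without gpg, read the kernel CSPRNG instead.
            dd if=/dev/urandom of="$tmp" bs=1 count="$count" 2>/dev/null
        fi || { rm -f "$tmp"; exit 1; }

        # Verify the size before publishing the file under its final name.
        size=$(wc -c < "$tmp" | tr -d ' ')
        if [ "$size" -ne "$count" ]; then
            echo "expected $count bytes, got $size" >&2
            rm -f "$tmp"
            exit 1
        fi
        mv "$tmp" "$out"
    )
}
```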




