Session Key Questions
Werner Koch
wk at gnupg.org
Wed Sep 17 16:41:38 CEST 2008
On Wed, 17 Sep 2008 15:52, kevhilton at gmail.com said:
> 1. How is the session key generated? How is its entropy randomness
> determined? Is there a specific algorithm used to generate the key?
It is a random number of course:
This random number generator is modelled after the one described in
Peter Gutmann's paper: "Software Generation of Practically Strong
Random Numbers". See also chapter 6 in his book "Cryptographic
Security Architecture", New York, 2004, ISBN 0-387-95387-6.
> 2. Once generated, Im confused how its used. When I use the gpg
> --show-session-key option I receive:
> gpg: session key:
> `9:EB7DFF392EA4EDBC90A8836F82462CD0E0B5AB22D49141941CE252311ECD2D9C'
That one is the encrypted using the public key algorithm (RSA or
Elgamal) and prepended to the messaage as described in rfc4880.
> 3. Is it possible to decrypt a gnupg encrypted message if I know the
> decrypted session key? How could this be accomplished?
Yes, use:
--override-session-key string
Don't use the public key but the session key string. The format of
this string is the same as the one printed by --show-session-key.
This option is normally not used but comes handy in case someone
forces you to reveal the content of an encrypted message; using this
option you can do this without handing out the secret key.
Salam-Shalom,
Werner
--
Linux-Kongress 2008 + Hamburg + October 7-10 + www.linux-kongress.org
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-users
mailing list