Selecting cipher to generate a key pair
vedaal at hush.com
vedaal at hush.com
Fri May 1 20:41:04 CEST 2009
"Smith, Cathy" <cathy.smith () pnl ! gov> wrote on
Date: 2009-05-01 16:08:44 :
>I have a customer who can not accept our pgp public key.
>They are asking for a specific cipher to be used in generating the
public key.
this sounds like there might be a 'problem' ...
there are people who 'can' use 'any' cipher, but prefer a
particular one,
or have a company policy to use a specific one, e.g . AES-256 or
3DES
and there are people whose programs can use only 'one' cipher, and
no others
at the risk of taking 'wild guesses' ;-)
the only situations i can think of where a person 'cannot' accept
anything other than one cipher are:
[1] a die-hard pgp 2.x user who needs a v3 key using IDEA
(yes, they still exist, but probably won't survive the move to 64
bit systems)
[2] a company that is bound by some standard to use AES or 3DES
(i can't imagine any company really insisting on 'only Blowfish'
and nothing else ;-) )
[ anyway, it was 'cracked on 24' and shown on network tv to have a
'backdoor' ;-) ]
{please excuse the 'semi-off' geek humor,
blowfish has 'no' backdoor and is still quite secure,
no matter what hollywood writers say ;-)) }
if you have situation [1], you are out of luck using any current
gnupg or pgp,
(there was a post on how to do this with an older gnupg version,
but it would be much simpler to just use pgp2.x to generate it)
if you have situation [2],
it is much easier,
temporarily put the following 2 lines in your gpg.conf
expert
s2k-cipher-algo name ('name' is the name of the cipher your client
wants)
then save your gpg.conf
and run
gpg --gen-key
the key will be generated with the cipher your client wants
if this still doesn't help,
then please post 'exactly' what you need done
vedaal
any ads or links below this message are added by hushmail without
my endorsement or awareness of the nature of the link
--
Click to learn about options trading and get the latest information.
http://tagline.hushmail.com/fc/BLSrjkqecvgtaqxBQoBwCwuiy1xiCJDJ0xgdXq4JeQ5VIifkutIcKtAkaYI/
More information about the Gnupg-users
mailing list