Selecting cipher to generate a key pair

Robert J. Hansen rjh at sixdemonbag.org
Sat May 2 00:57:34 CEST 2009


Smith, Cathy wrote:
> Is there a brief explanation available as to how the cipher is used in
> generating the private/public keys?  It seems this is separate from the
> cipher that is chosen to encrypt my data.


rjh at chronicles:~$ gpg --enable-dsa2 --gen-key
Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)


If you choose #1, you will be using, by default, DSA as a signature
algorithm, AES256 as a general-purpose message encryption algorithm,
Elgamal as an asymmetric encryption algorithm, and SHA1 as a hash algorithm.

None of these algorithms are actually used to generate the
private/public keys, though.  The private and public keys are just
numbers.  GnuPG generates those numbers from a cryptographically secure
pseudorandom number generator, then subjects the numbers to a battery of
mathematical tests to make sure the keys are safe to use.

Is it possible for you to tell us what algorithms your correspondent
expects you to use?  Knowing that might help us out quite a bit.






More information about the Gnupg-users mailing list