Selecting cipher to generate a key pair
cathy.smith at pnl.gov
Sat May 2 01:04:41 CEST 2009
The customer stated that he can accept a public key generated with
either Blowfish or Triple-DES. I wasn't sure what he needed because all
I've dealt with in generating a key pair before is selecting the DSA or
RSA option. Our PGP version doesn't offer the DSA and Elgamal option.
I've sent him a GnuPG-generated key, and asked him to find out if they
are using GnuPG. I haven't heard from him today.
Cathy L. Smith
Pacific Northwest National Laboratory
Operated by Battelle for the
U.S. Department of Energy
Email: cathy.smith at pnl.gov
From: Robert J. Hansen [mailto:rjh at sixdemonbag.org]
Sent: Friday, May 01, 2009 3:58 PM
To: Smith, Cathy
Cc: Allen Schultz; gnupg-users; Hallquist, Roy S Jr
Subject: Re: Selecting cipher to generate a key pair
Smith, Cathy wrote:
> Is there a brief explanation available as to how the cipher is used in
> generating the private/public keys? It seems this is separate from
> the cipher that is chosen to encrypt my data.
rjh at chronicles:~$ gpg --enable-dsa2 --gen-key Please select what kind of
key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
If you choose #1, you will be using, by default, DSA as a signature
algorithm, AES256 as a general-purpose message encryption algorithm,
Elgamal as an asymmetric encryption algorithm, and SHA1 as a hash
None of these algorithms are actually used to generate the
private/public keys, though. The private and public keys are just
numbers. GnuPG generates those numbers from a cryptographically secure
pseudorandom number generator, then subjects the numbers to a battery of
mathematical tests to make sure the keys are safe to use.
Is it possible for you to tell us what algorithms your correspondent
expects you to use? Knowing that might help us out quite a bit.
More information about the Gnupg-users