Algorithm used to encrypt

Kevin Kammer mephisto at
Mon Nov 9 05:19:00 CET 2009

On Sun, Nov 08, 2009 at 10:57:46PM -0500 I wrote:
> On Sun, Nov 08, 2009 at 05:52:37PM +0100 Heinz Diehl wrote:
> > Hi,
> > 
> > seems I'm just too stupid today to find what's maybe obvious:
> > given an ascii armored gpg encrypted file, how can I find out what
> > algorithm has been used to encrypt the file? 
> > 
> > Thanks,
> > Heinz.

> ... I would infer (perhaps mistakenly) that data identifying the
> symmetric algo is stored, encrypted, with the session key, and is
> therefore only accessible after the first phase of the decryption
> process (i.e. decrypting the session key material using the
> appropriate private key) is successful.  If my inference is correct...

I figured that I owed you a better respons than "I guess..." so I looked
the following up. I would seem that my guess was on the money.

The following is quoted from RFC4880 (OpenPGP Message Format):

5.1.  Public-Key Encrypted Session Key Packets (Tag 1)

   A Public-Key Encrypted Session Key packet holds the session key used
   to encrypt a message.


   The body of this packet consists of:

     - A one-octet number giving the version number of the packet type.
       The currently defined value for packet version is 3.

     - An eight-octet number that gives the Key ID of the public key to
       which the session key is encrypted.  If the session key is
       encrypted to a subkey, then the Key ID of this subkey is used
       here instead of the Key ID of the primary key.

     - A one-octet number giving the public-key algorithm used.

     - A string of octets that is the encrypted session key.  This
       string takes up the remainder of the packet, and its contents are
       dependent on the public-key algorithm used.

   Algorithm Specific Fields for RSA encryption

     - multiprecision integer (MPI) of RSA encrypted value m**e mod n.

   Algorithm Specific Fields for Elgamal encryption:

     - MPI of Elgamal (Diffie-Hellman) value g**k mod p.

     - MPI of Elgamal (Diffie-Hellman) value m * y**k mod p.

   The value "m" in the above formulas is derived from the session key
   as follows.  First, the session key is prefixed with a one-octet
   algorithm identifier that specifies the symmetric encryption
   algorithm used to encrypt the following Symmetrically Encrypted Data

So, it would appear that the symmetric algo is specified as part of the
"string of octets that is the encrypted session key," and therefore,
being encrypted, is only accessible if you have the means (the correct
private key) to decrypt the packet.


"Le hasard favorise l'esprit préparé."
                      --Louis Pasteur

More information about the Gnupg-users mailing list