NIST 800-57 compatible unattended encryption?
Wiktor Kwapisiewicz
wiktor at metacode.biz
Wed Jan 2 10:55:08 CET 2019
Hello,
> On Wed, Jan 02, 2019 at 04:02:03PM +1100, gnupg at raf.org wrote:
>> For some dumb reason I think I was hoping that the RSA
>> algorithm wasn't really used to encrypt all the data. I
>> thought it was probably used to encrypt a per-file
>> randomly-generated symmetric key which was then used to
>> encrypt the file (and was encrypted along with the
>> file) because it could be faster. But I think I'm
>> confusing it with network protocols like TLS.
>>
>> Is that what happens with RSA in gpg? [Probably not]
>
> Actually yes, that’s exactly what happens. The data (in your
> case, the contents of your file) is symmetrically encrypted using
> a randomly generated “session key”, and *that* key is
> asymmetrically encrypted using the RSA public key.
Yep, to see this behind-the-scenes thing in action check out
"--show-session-key" and "--override-session-key" options. Described here:
https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html
Kind regards,
Wiktor
--
https://metacode.biz/@wiktor
More information about the Gnupg-users
mailing list