Learning about authentication

Daniel Cerqueira dan.list at brilhante.top
Thu Nov 23 22:09:23 CET 2023


I want to know a bit, on how authentication and authorization works in
GnuPG.

I know that for encryption, GnuPG creates a session key with the public
key, that is then used with symmetric encryption. For decryption, the
private key is used to recover that session key, in which then, the
ciphertext get's symmetrically decrypted, using that session key.

I know that for signing, a hash of the content is produced, that,
afterwards, gets encrypted with the private key. For verification, the
public key is used to recover the original hash, and then that gets
compared with the content hashing.

I don't understand how authentication and authorization works. Can
someone clarify this for me?

Thanks.



More information about the Gnupg-users mailing list