how to create a symmetric cipher
Joseph Oreste Bruni
brunij at earthlink.net
Tue Nov 14 23:16:58 CET 2006
When you encrypt to a person's public key you are not using the
public key to encrypt the data. First, a random session key is
generated and used to encrypt the data using a symmetric cipher. Then
only the session key is encrypted using the public key and appended
to the file. The recipient uses his private key to decrypt the
session key which is then used to decrypt the data via the symmetric
cipher. This way you avoid passing symmetric keys in the clear.
If you are looking to build a custom solution, you might be better
off looking at the OpenSSL crypto API.
Joe
On Nov 14, 2006, at 3:04 PM, Wei Wu [H] wrote:
> Thank you. As I said in my other posts, I don't want to use
> passphrase based
> encryption, and am looking for key based solution.
>
> Also I don't need a private/public key-pair based solution as
> symmetric key
> is more efficient.
>
> Regards,
> WW
>
>
> -----Original Message-----
> From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-
> bounces at gnupg.org]
> On Behalf Of Joseph Oreste Bruni
> Sent: Tuesday, November 14, 2006 3:41 PM
> To: gnupg-users at gnupg.org
> Subject: Re: how to create a symmetric cipher
>
> gpg --symmetric --encrypt
>
> The default is CAST5, but you can specify the algorithm using --
> cipher-algo
>
> -Joe
>
>
> On Nov 14, 2006, at 12:52 PM, Wei Wu [H] wrote:
>
>> Hi there,
>>
>> I want to create a symmetric cipher such as AES to encrypt some
>> data, and
>> think gpg (GnuPG Version 1.4.2.1) may do this. But I found it gives
>> only
>> three options, none is symmetric. I would appreciate if anyone can
>> point me
>> to another or way to do it?
>>
>> Regards,
>> WW
>>
>> gpg --gen-key
>> (1) DSA and Elgamal (default)
>> (2) DSA (sign only)
>> (5) RSA (sign only)
>>
>>
>>
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users at gnupg.org
>> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2508 bytes
Desc: not available
Url : /pipermail/attachments/20061114/a21df358/smime.bin
More information about the Gnupg-users
mailing list