NIST 800-57 compatible unattended encryption?

gnupg at raf.org gnupg at raf.org
Tue Jan 8 04:15:41 CET 2019


Wiktor Kwapisiewicz wrote:

> Hello,
> 
> > On Wed, Jan 02, 2019 at 04:02:03PM +1100, gnupg at raf.org wrote:
> >> For some dumb reason I think I was hoping that the RSA
> >> algorithm wasn't really used to encrypt all the data. I
> >> thought it was probably used to encrypt a per-file
> >> randomly-generated symmetric key which was then used to
> >> encrypt the file (and was encrypted along with the
> >> file) because it could be faster. But I think I'm
> >> confusing it with network protocols like TLS.
> >>
> >> Is that what happens with RSA in gpg? [Probably not]
> > 
> > Actually yes, that’s exactly what happens. The data (in your
> > case, the contents of your file) is symmetrically encrypted using
> > a randomly generated “session key”, and *that* key is
> > asymmetrically encrypted using the RSA public key.
> 
> Yep, to see this behind-the-scenes thing in action check out
> "--show-session-key" and "--override-session-key" options. Described here:
> 
> https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html
> 
> Kind regards,
> Wiktor

Thanks for that. Unfortunately, it's still not NIST 800-57 compliant
because the session key is encrypted using an asymmetric key.
But I guess I'll just have to choose not to worry about that.

Another question: I was googling the default symmetric algorithm and
https://security.stackexchange.com/questions/86305/what-is-the-default-cipher-algorithm-for-gnupg
says: For GnuPG 1.0 and 2.0, default is Cast5, for GnuPG 2.1 it is AES-128

But when I use gpg --list-packets --show-session-key -v on files encrypted
via RSA keys with gpg-1.4.23 (macOS/macports) and gpg-2.1.18 (debian9),
they both say:

  gpg: AES256 encrypted data

Which is great but why is that? I haven't done anything
in gpg.conf to override any defaults.

Is the symmetric algorithm used with RSA keys unrelated
to the default symmetric algorithm used by gpg when the
--symmetric option is used?

Hmm, when I encrypt a file with gpg -c and then --list-packets -v,
the one encrypted with gpg-1.4.23 says:

  gpg: AES encrypted data

and the one encrypted with gpg-2.1.18 says:

  gpg: AES256 encrypted data

I guess that stackexchange page is wrong or out of date.

The manpage for gpg on both systems says that the default symmetric algorithm
is AES128 which seems correct for gpg-1.4.23 but incorrect for gpg-2.1.18.

cheers,
raf




More information about the Gnupg-users mailing list