On 11/03/15 18:55, Maricel Gregoraschko wrote:
> One more question: Is there any standardization in output formats
> between encryption programs and libraries, for example say you
> encrypt with AES128 in CBC, with the same key (directly or via
> passphrase), and since the output will have to have, in addition to
> the actual ciphertext, algorithm identification on it, possible
> passphrase-to-key, plus mode-specific data such as the iv/nonce, is
> there a specification of the format of how these come in?

The passphrase-based encryption of GnuPG is entirely specified in RFC 4880, and there is no reason to worry that future versions of GnuPG cannot read a symmetrically encrypted file created now.

Also, it is *not* the case that the key used to encrypt the data is the key derived from your password! The key to encrypt the data, the session key, is randomly generated. The passphrase is used to derive a key, and this derived key is used to encrypt the session key, and only the session key!

However, I do notice that RFC 4880 allows the use of a password-derived key to encrypt the data[1]. I don't think GnuPG will generate such OpenPGP messages, but it might accept and decrypt them.

HTH,

Peter.

[1] RFC 4880 section 5.3:

> If the encrypted session key is not present (which can be detected on
> the basis of packet length and S2K specifier size), then the S2K
> algorithm applied to the passphrase produces the session key for
> decrypting the file, using the symmetric cipher algorithm from the
> Symmetric-Key Encrypted Session Key packet.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
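
Added example, not part of the message above and not GnuPG's own code: a minimal Python parser that applies the RFC 4880 section 5.3 rule quoted in the footnote, deciding from the packet length and the S2K specifier size whether a Symmetric-Key Encrypted Session Key packet carries an encrypted session key or leaves the passphrase-derived key as the session key. The function names and the zero-filled sample packets are constructed for illustration.

```python
# Added example: classify an OpenPGP SKESK (tag 3) packet per RFC 4880 5.3.
S2K_SPEC_LEN = {0: 2, 1: 10, 3: 11}  # simple, salted, iterated+salted


def read_packet(data):
    """Return (tag, body) of the first packet; partial lengths not handled."""
    if len(data) < 2 or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet header")
    if data[0] & 0x40:  # new-format header
        tag, first = data[0] & 0x3F, data[1]
        if first < 192:
            length, start = first, 2
        elif first < 224 and len(data) > 2:
            length, start = ((first - 192) << 8) + data[2] + 192, 3
        else:
            raise ValueError("unsupported or truncated length")
    else:  # old-format header: 1, 2 or 4 length octets
        tag, ltype = (data[0] >> 2) & 0x0F, data[0] & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not handled")
        start = 1 + (1 << ltype)
        length = int.from_bytes(data[1:start], "big")
    body = data[start:start + length]
    if len(data) < start or len(body) != length:
        raise ValueError("truncated packet")
    return tag, body


def classify_skesk(packet):
    """Say whether the S2K output wraps a session key or is the session key."""
    tag, body = read_packet(packet)
    if tag != 3 or len(body) < 4 or body[0] != 4:
        raise ValueError("not a version 4 SKESK packet")
    if body[2] not in S2K_SPEC_LEN:
        raise ValueError("unknown S2K specifier type")
    end = 2 + S2K_SPEC_LEN[body[2]]
    if len(body) < end:
        raise ValueError("truncated S2K specifier")
    esk_len = len(body) - end
    # Nothing after the S2K specifier: the derived key is the session key.
    return {"cipher": body[1], "s2k_type": body[2], "hash": body[3],
            "esk_len": esk_len, "s2k_key_is_session_key": esk_len == 0}


# Constructed sample packets (not real GnuPG output): AES-256 (9),
# iterated+salted S2K (3) with SHA-256 (8), salt and ciphertext zero-filled.
S2K = bytes([3, 8]) + bytes(8) + bytes([0x60])
WRAPPED = bytes([0x8C, 46, 4, 9]) + S2K + bytes(33)  # algo octet + 32-byte key
DIRECT = bytes([0xC3, 13, 4, 9]) + S2K               # no encrypted session key
```

`classify_skesk(WRAPPED)` reports a 33-octet encrypted session key (the case described in the reply), while `classify_skesk(DIRECT)` reports that the passphrase-derived key is used on the data directly.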