How does gnupng create keys?
I'd like to know something about how gnupng create keys (for symmetric encryption). I'm not looking for details, just an overview of how it's done. Does anyone know of any documentation on this? I haven't found any yet. thanks ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: post-quantum computing in GnuPG
On 4/2/2014 2:50 AM, Robert J. Hansen wrote: Or someone builds a working quantum computer with many bits and demonstrate a working decryption of RSA-2048 in a few seconds. :-) Not likely in the near term... Maybe in 5000 years or so, but by then I suspect computing as we know it will be ancient history (actually it *would* be)... Well, you'd need 4096 qubits in the ensemble, representing a state space of something like 10^1233 (not a typo). That's a LOT of zeroes. Maybe my initial estimate was off by several dozen orders of magnitude... At that point I'm going to just give up and offer my services to our new Space Overlords from Zarbnulax Prime. Maybe if I help round up pesky humans they'll give me a ride in their FTL spaceships! LMAO! I got a good laugh out of this one. Thanks, I needed that... :) Chris ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gpg: NOTE: trustdb not writable
Hello, I am using gpg on a system, which is mounted read-only. When I do the following: echo "hello" | gpg --lock-never --no-verbose -e -s -a -r u...@example.com I get an error: gpg: NOTE: trustdb not writable I don't understand why gpg should need write access inside user home, for normal operation. Is thre a way to stop this error message? thanks, Konrad ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encrypted file-size approximation with multiple recipients
On 2014-04-02 00:37, David Shaw wrote: > This can change pretty significantly given different key lengths, > different algorithms, and perhaps most significantly, how > compressible the original document is (by default GPG compresses > data before encryption). An input file of text will compress very > differently than an input file that's a jpeg (as jpegs are already > compressed, and so do not benefit much from a second layer of > compression). Thanks both to David & Sam for their replies. While not exact answers/formulas, they were both quite helpful: 1) I'd missed that GPG conveniently compresses the data before encrypting which would explain some of the differences I saw. 2) getting a rough worst-case bound (larger RSA keys and algorithm choice can impact) for per-recipient overhead. It also helps come to terms with the fact that, in more than half of my use cases (small plain-text/JSON messages), the multi-recipient overhead will swamp the size of the actual compressed+encrypted content. A fact that I can live with, but is nice to know up front. Given that the recipients are in pre-defined groups would it make more sense to multi-recipient-encrypt a single unique group-key, and then encrypt all messages for that group with the given key? I do see the possibility of a trust-leak where a group member could decrypt the group key and then provide it to other non-group members, but if that's the case, the untrustworthy group member could just decrypt the messages and provide those directly. That's a risk I'm willing to accept. Since it's wrapped in my program/code, I can automate the group-key fetching from a UI perspective. I'm mostly interested in things like regenerating the group key when group members are removed, or adding additional group members to an existing key, as well as any "good golly, man, that's idiotic because of XYZ" warnings it might entail. Thanks, -Tim ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Using an RSA GnuPG key for RSA ?
Is it possible to generate an RSA key in GnuPG, and then use it (not in GnuPG, but in other systems using RSA keys), to encrypt and decrypt RSA messages? If so, what portion of the GnuPG generated RSA key functions as a 'pure' RSA key? (Is it isolatable by using --list-packets on the key?) TIA, vedaal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How does gnupng create keys?
On Wed, 2 Apr 2014 10:02, b...@norbl.com said: > I'd like to know something about how gnupng create keys (for symmetric > encryption). I'm not looking for details, just an overview of how > it's done. Does anyone know of any documentation on this? I haven't > found any yet. The Libgcrypt manual has a description of its architecture [1]. GnuPG uses Libgcrypt and thus that library is responsible for creating RSA keys. Libgcrypt is actually code stripped from an older version of GnuPG, but the basic operation is even the same in the old versions (i.e. GnuPG <= 1.4). Shalom-Salam, Werner [1] http://gnupg.org/documentation/manuals/gcrypt/Architecture.html -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Using an RSA GnuPG key for RSA ?
On Wed, Apr 02, 2014 at 01:55:21PM -0400, ved...@nym.hush.com wrote: > Is it possible to generate an RSA key in GnuPG, and then use it (not in > GnuPG, but in other systems using RSA keys), to encrypt and decrypt RSA > messages? > > If so, what portion of the GnuPG generated RSA key functions as a 'pure' RSA > key? > (Is it isolatable by using --list-packets on the key?) > > TIA, > > vedaal If you are not to use the key in gnupg, why make gnupg generate it in the first place? Why not use the program with which you'll use the key to generate it? Or, if the program does not offer this functionality, why not use openssl, which provides this capability on purpose? Were you to use the key both for gnupg and other systems, I would understand, but doing things this way...? Cheers, Leo ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
