On Tue, Oct 21, 2008 at 11:04:21AM -0500, Kevin Hilton wrote:
> >RFC-4880, section 3.7.1.1:
>
> > If the hash size is less than the key size, multiple instances of
> > the hash context are created -- enough to produce the required key
> > data. These instances are preloaded with 0, 1, 2, ..
>RFC-4880, section 3.7.1.1:
> If the hash size is less than the key size, multiple instances of
> the hash context are created -- enough to produce the required key
> data. These instances are preloaded with 0, 1, 2, ... octets of
> zeros (that is to say, the first instance has no preload
Kevin Hilton (21.10.2008 22:52):
>> If the hash output is not enough, then extra 0x00 byte will be added to
>> your passphrase and hashed again to produce additional and different
>> hashing output. If even this isn't enough, then two 0x00 bytes will be
>> added and hashed again, and so on.
>
>
>
> If the hash output is not enough, then extra 0x00 byte will be added to
> your passphrase and hashed again to produce additional and different
> hashing output. If even this isn't enough, then two 0x00 bytes will be
> added and hashed again, and so on.
Ok -- so just some points of clarification
On Tue, Oct 21, 2008 at 09:48:47AM -0500, Kevin Hilton wrote:
> >> When the session key is randomly generated (asymmetric encryption),
> >> how large is the session key? Is the length set or does it depend on
> >> other parameter such as the length of the DSA/RSA key or hash?
> >
> > It is the key
Kevin Hilton (21.10.2008 21:48):
>> Depends on what algorithm you're using for the symmetric cipher. A 128-bit
>> cipher gets a 128-bit session key, a 256-bit cipher gets a 256-bit session
>> key. The only exception might be 3DES, which >technically requires a
>> 192-bit session key, but since
>Depends on what algorithm you're using for the symmetric cipher. A 128-bit
>cipher gets a 128-bit session key, a 256-bit cipher gets a 256-bit session
>key. The only exception might be 3DES, which >technically requires a 192-bit
>session key, but since only 168 bits get used, there could be s
On Tue, 21 Oct 2008 16:23, [EMAIL PROTECTED] said:
> When the session key is randomly generated (asymmetric encryption),
> how large is the session key? Is the length set or does it depend on
> other parameter such as the length of the DSA/RSA key or hash?
It depends on the key length of the ciph
On Oct 21, 2008, at 10:23 AM, Kevin Hilton wrote:
When the session key is randomly generated (asymmetric encryption),
how large is the session key? Is the length set or does it depend on
other parameter such as the length of the DSA/RSA key or hash?
It is the key size of your symmetric cipher
When the session key is randomly generated (asymmetric encryption),
how large is the session key? Is the length set or does it depend on
other parameter such as the length of the DSA/RSA key or hash?
Thanks for clarification.
--
Kevin Hilton
___
Gnup
On Wed, Sep 17, 2008 at 01:45:05PM -0400, [EMAIL PROTECTED] wrote:
> David Shaw dshaw at jabberwocky.com wrote on
> Wed Sep 17 18:21:42 CEST 2008 :
>
>
> >I think you're confusing the notion of the "default" algorithm with
> >the "preferred" algorithm. The default algorithm in OpenPGP is
> 3DES
On Wed, Sep 17, 2008 at 11:51 AM, Werner Koch <[EMAIL PROTECTED]> wrote:
> On Wed, 17 Sep 2008 17:38, [EMAIL PROTECTED] said:
>
>> Hmm, this method works different than what I thought. For example if
>> I specify a manual session key on the command line:
>> gpg -se -r KevDog --override-session-ke
David Shaw dshaw at jabberwocky.com wrote on
Wed Sep 17 18:21:42 CEST 2008 :
>I think you're confusing the notion of the "default" algorithm with
>the "preferred" algorithm. The default algorithm in OpenPGP is
3DES.
why then, if there are no preferences used,
or listed in the gpg.conf file,
d
On Wed, 17 Sep 2008 17:38, [EMAIL PROTECTED] said:
> Hmm, this method works different than what I thought. For example if
> I specify a manual session key on the command line:
> gpg -se -r KevDog --override-session-key 9:345DFG session_key_test_original
--override-session-key is for decyrption
On Wed, Sep 17, 2008 at 11:04:29AM -0500, Kevin Hilton wrote:
> >> for ?? historical reasons of compatibility ?? with pgp 5+
> >> the default cipher that will be used for encryption, and also for
> >> protection of the secret key, is CAST-5, not 3DES
>
> >Nope, 3DES is the only MUST cipher algorit
>> for ?? historical reasons of compatibility ?? with pgp 5+
>> the default cipher that will be used for encryption, and also for
>> protection of the secret key, is CAST-5, not 3DES
>Nope, 3DES is the only MUST cipher algorithm and thus used as the
>last-resort if the preference system can't deci
On Wed, Sep 17, 2008 at 9:41 AM, Werner Koch <[EMAIL PROTECTED]> wrote:
> On Wed, 17 Sep 2008 15:52, [EMAIL PROTECTED] said:
>
>> 1. How is the session key generated? How is its entropy randomness
>> determined? Is there a specific algorithm used to generate the key?
>
> It is a random number of
On Wed, 17 Sep 2008 15:52, [EMAIL PROTECTED] said:
> 1. How is the session key generated? How is its entropy randomness
> determined? Is there a specific algorithm used to generate the key?
It is a random number of course:
This random number generator is modelled after the one described in
Just some quick questions regarding the session key. Ive consulted
the RFC4880 docs, however am still slightly confused regarding the
session key.
1. How is the session key generated? How is its entropy randomness
determined? Is there a specific algorithm used to generate the key?
2. Once gener
19 matches
Mail list logo
