On Wed, Sep 17, 2008 at 9:41 AM, Werner Koch <[EMAIL PROTECTED]> wrote: > On Wed, 17 Sep 2008 15:52, [EMAIL PROTECTED] said: > >> 1. How is the session key generated? How is its entropy randomness >> determined? Is there a specific algorithm used to generate the key? > > It is a random number of course: > > This random number generator is modelled after the one described in > Peter Gutmann's paper: "Software Generation of Practically Strong > Random Numbers". See also chapter 6 in his book "Cryptographic > Security Architecture", New York, 2004, ISBN 0-387-95387-6. > >> 2. Once generated, Im confused how its used. When I use the gpg >> --show-session-key option I receive: >> gpg: session key: >> `9:EB7DFF392EA4EDBC90A8836F82462CD0E0B5AB22D49141941CE252311ECD2D9C' > > That one is the encrypted using the public key algorithm (RSA or > Elgamal) and prepended to the messaage as described in rfc4880. > >> 3. Is it possible to decrypt a gnupg encrypted message if I know the >> decrypted session key? How could this be accomplished? > > Yes, use: > > --override-session-key string > > Don't use the public key but the session key string. The format of > this string is the same as the one printed by --show-session-key. > This option is normally not used but comes handy in case someone > forces you to reveal the content of an encrypted message; using this > option you can do this without handing out the secret key. > > > > Salam-Shalom, > > Werner >
Hmm, this method works different than what I thought. For example if I specify a manual session key on the command line: gpg -se -r KevDog --override-session-key 9:345DFG session_key_test_original But then ask gpg to reveal session key gpg --show-session-key session_key_test_original.gpg > decrypt I get: gpg: session key: `9:B619909D1DE40EEAA4865A970522895560D6556561BCD8E2B6DEF6DB8E7DA34D' I must be doing something wrong. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users