Cryptography Reference
In-Depth Information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBA4c1/LSQdhvwJ58RAjzEAKCXHnwQHNGbX2Bzjo3AMZHABWTW5wCgkx
VLrq22vPs5vlR6RZOf1zEDSF4=
=cVzf
-----END PGP SIGNATURE-----
One can see that the hashed value of the message (using SHA1) was signed by GnuPG
version 1.2.4. If the user asks for signature verification, the following message is
returned.
gpg: Signature made Sun 25 Jul 2004 12:11:01 PM CEST using DSA key ID 1BF0279F
gpg: Good signature from "Serge Vaudenay <serge.vaudenay@epfl.ch>"
So one realizes that the signature is a DSA signature and that the public key is identified
in the key ring as belonging to the named person.
When performing a cryptographic operation, PGP may need cryptographic keys which
are hardly manageable for a human user. For symmetric keys, PGP can prompt the user.
They are usually derived, by using a hash function, from a pass phrase which is freely
chosen by the user.
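As an added illustration (not code from the book or from GnuPG), the sketch below implements the string-to-key (S2K) derivation that the OpenPGP specification (RFC 4880, section 3.7.1) defines for turning a pass phrase into a symmetric key with a hash function. The function names, the pass phrase and the salt are constructed for this example.

```python
import hashlib

def decode_count(c: int) -> int:
    """Expand the one-octet coded count of RFC 4880 section 3.7.1.3."""
    return (16 + (c & 15)) << ((c >> 4) + 6)

def s2k(passphrase: bytes, key_len: int, salt: bytes = b"",
        coded_count=None, hash_name: str = "sha1") -> bytes:
    """Derive key_len octets from a pass phrase.

    no salt, no count      -> simple S2K
    8-octet salt, no count -> salted S2K
    8-octet salt and count -> iterated and salted S2K
    """
    if not passphrase:
        raise ValueError("empty pass phrase")
    if salt and len(salt) != 8:
        raise ValueError("OpenPGP salts are exactly 8 octets")
    if coded_count is not None and not salt:
        raise ValueError("iterated S2K requires a salt")
    data = salt + passphrase
    # The count is a number of octets to hash, not a number of rounds;
    # salt + pass phrase is always hashed in full at least once.
    total = len(data)
    if coded_count is not None:
        total = max(decode_count(coded_count), len(data))
    full, rest = divmod(total, len(data))
    key, context = b"", 0
    while len(key) < key_len:
        # A key longer than one digest uses extra hash contexts, the
        # n-th one preloaded with n zero octets.
        h = hashlib.new(hash_name)
        h.update(b"\x00" * context)
        for _ in range(full):
            h.update(data)
        h.update(data[:rest])
        key += h.digest()
        context += 1
    return key[:key_len]

if __name__ == "__main__":
    # Constructed sample values, not taken from the page.
    salt = bytes.fromhex("0102030405060708")
    key = s2k(b"correct horse battery staple", 16, salt, coded_count=96)
    print("128-bit key:", key.hex())
```

The salt makes the same pass phrase yield different keys in different messages or key files, and the octet count raises the cost of each guess in a dictionary attack on the pass phrase.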
Asymmetric keys are more problematic since they are in a specific mathematical
format. For instance an RSA key is a pair of a modulus and an exponent. We cannot
derive them from a human pass phrase. For this, PGP retrieves the key from a key ring.
The user just needs to provide an identifier for the key to be used. When the key is a
secret one, it may be encrypted by a symmetric algorithm. Therefore, PGP needs to
ask for the symmetric key by prompting for the corresponding pass phrase.
As an example, here is a listing of a public key ring.
vaudenay@lasecpc7:~> gpg --list-public-keys
/home/vaudenay/.gnupg/pubring.gpg
---------------------------------
pub  1024D/1BF0279F 2004-07-25 Serge Vaudenay <serge.vaudenay@epfl.ch>
pub  1024D/8EB9124A 2004-07-25 Student <student@epfl.ch>
pub  1536R/27295F6B 2004-07-25 Colleague <colleague@epfl.ch>
It may look quite cryptic. The second field tells the bit length and the scheme. For
instance, 1024D means a 1024-bit key for DSA, 1024g means a 1024-bit key for