public key is also on Alice's private-key ring. If the key in an entry (Bob's, in our running example) also appears on Alice's private-key ring, that is, it is one of her own keys, the entry's buckstop bit is set to 1.
5. User ID : ID_A-style identifier ID_B, which is Bob's identifier, such as Bob@PGPpublicRing.ca.
6. Key legitimacy : trust flag byte, which is the level of trust that the PGP program (which computes this field) imparts to the binding of Bob's user ID to e_B. The PGP program determines this on a weighted basis, the weights being taken from the signature trust fields of item 8. There is also a warnonly bit, which is set to 1 if Alice wants only to be warned, rather than prevented, when e_B is used for enciphering without having been fully validated.
7. Signature : When a new public key, Bob's in this case, is added, one or more signatures may be appended to it, and more may be added later.
8. Signature Trust : trust flag byte, which is the degree of trust that Alice assigns to the signer of the signature as a certifier of public keys; it is essentially a cached copy of that signer's field 4 (owner trust), in the following sense. Upon addition of a signature, the PGP program looks through the public-key ring to determine whether the signer is among the public-key owners therein. If so, the owner trust value from that owner's field 4 is assigned, and if not, an unknown value is assigned to this field. The PGP program also periodically rescans the public-key ring for all signatures made by each owner and updates this field to match that owner's current owner trust field.
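A toy model of the public-key ring fields in items 4 through 8 and of the way the PGP program derives key legitimacy from the cached signature-trust values, added here as an illustration; it is not PGP's source code and not from the page. The numeric encoding of the trust levels, the rule that one completely trusted signature or two marginally trusted ones make a key legitimate (the classic PGP 2.x default threshold), the requirement that a signer's own key already be legitimate before its signature counts, and every key ID and user ID are assumptions of the example.

```python
from dataclasses import dataclass, field
from typing import Dict, List

# Trust levels in classic PGP vocabulary; the numeric encoding is assumed.
UNKNOWN, UNTRUSTED, MARGINAL, COMPLETE, ULTIMATE = range(5)


@dataclass
class Signature:
    signer_key_id: str
    sig_trust: int = UNKNOWN  # item 8: cached copy of the signer's owner trust


@dataclass
class PublicKeyEntry:
    key_id: str             # item 2 (stands in for the low-order bits of e_B)
    user_id: str            # item 5
    owner_trust: int        # item 4
    buckstop: bool = False  # key is also on our private-key ring
    warnonly: bool = False  # warn, rather than refuse, if the key is not validated
    signatures: List[Signature] = field(default_factory=list)  # item 7
    legitimacy: int = UNTRUSTED  # item 6, computed by the program


class PublicRing:
    # Assumed thresholds (PGP 2.x defaults): one completely trusted signature,
    # or two marginally trusted ones, validate a key.
    def __init__(self, completes_needed: int = 1, marginals_needed: int = 2):
        self.entries: Dict[str, PublicKeyEntry] = {}
        self.completes_needed = completes_needed
        self.marginals_needed = marginals_needed

    def add_key(self, entry: PublicKeyEntry) -> None:
        self.entries[entry.key_id] = entry
        self.recompute()

    def add_signature(self, key_id: str, signer_key_id: str) -> None:
        # On insertion the signer is looked up in the ring: a known signer's
        # owner trust is copied into sig_trust, otherwise it stays UNKNOWN.
        sig = Signature(signer_key_id)
        signer = self.entries.get(signer_key_id)
        sig.sig_trust = signer.owner_trust if signer else UNKNOWN
        self.entries[key_id].signatures.append(sig)
        self.recompute()

    def refresh_signature_trust(self) -> None:
        # The periodic rescan: sig_trust follows the signer's current owner trust.
        for entry in self.entries.values():
            for sig in entry.signatures:
                signer = self.entries.get(sig.signer_key_id)
                sig.sig_trust = signer.owner_trust if signer else UNKNOWN

    def _legitimacy(self, entry: PublicKeyEntry) -> int:
        if entry.buckstop:
            return COMPLETE  # one of our own keys
        weight = 0.0
        for sig in entry.signatures:
            signer = self.entries.get(sig.signer_key_id)
            if signer is None or signer.legitimacy != COMPLETE:
                continue  # assumed rule: only signatures from valid keys count
            if sig.sig_trust in (COMPLETE, ULTIMATE):
                weight += 1.0 / self.completes_needed
            elif sig.sig_trust == MARGINAL:
                weight += 1.0 / self.marginals_needed
        if weight >= 1.0:
            return COMPLETE
        return MARGINAL if weight > 0.0 else UNTRUSTED

    def recompute(self) -> None:
        # Legitimacy depends on the signers' legitimacy: reset, then iterate
        # to a fixed point (within one run legitimacy only ever rises).
        self.refresh_signature_trust()
        for entry in self.entries.values():
            entry.legitimacy = UNTRUSTED
        changed = True
        while changed:
            changed = False
            for entry in self.entries.values():
                new = self._legitimacy(entry)
                if new != entry.legitimacy:
                    entry.legitimacy, changed = new, True

    def encryption_decision(self, key_id: str) -> str:
        entry = self.entries[key_id]
        if entry.legitimacy == COMPLETE:
            return "ok"
        return "warn" if entry.warnonly else "refuse"


def build_sample_ring() -> PublicRing:
    # Constructed sample of Alice's public-key ring; every ID is made up.
    ring = PublicRing()
    ring.add_key(PublicKeyEntry("A1", "Alice@PGPpublicRing.ca", ULTIMATE, buckstop=True))
    ring.add_key(PublicKeyEntry("C1", "Carol", COMPLETE))
    ring.add_key(PublicKeyEntry("D1", "Dave", MARGINAL))
    ring.add_key(PublicKeyEntry("E1", "Erin", MARGINAL))
    ring.add_key(PublicKeyEntry("B1", "Bob@PGPpublicRing.ca", UNTRUSTED, warnonly=True))
    ring.add_key(PublicKeyEntry("F1", "Frank", UNTRUSTED))
    ring.add_key(PublicKeyEntry("G1", "Grace", UNTRUSTED, warnonly=True))
    for kid in ("C1", "D1", "E1"):
        ring.add_signature(kid, "A1")  # Alice certified these keys herself
    ring.add_signature("B1", "D1")
    ring.add_signature("B1", "E1")     # two marginal introducers: legitimate
    ring.add_signature("F1", "D1")     # one marginal introducer: not enough
    ring.add_signature("G1", "Z9")     # signer not on the ring: trust UNKNOWN
    return ring
```

With the sample ring, Bob's key becomes legitimate through Dave and Erin together, Frank's stays only marginally validated (so enciphering to it is refused, since his entry has no warnonly bit), and Grace's key, signed only by an unknown signer, merely triggers a warning because her entry has warnonly set. Raising Dave's owner trust and calling `recompute()` shows the rescan: the cached signature trust on his signatures follows his new owner trust, and Frank's key becomes legitimate.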
Now that we have the notion of PGP rings, we can give a more detailed and
informed description of PGP message generation, processing, and reception.
PGP Message Processing Protocol Via Key Rings
This protocol description, and the accompanying diagrams on pages 284 and 285, depict PGP message generation and the processing done upon reception, using key rings. Since we fully described the mechanisms for ASCII conversion and ZIP compression above, we omit those stages for the sake of simplicity. Moreover, we assume that both signing and encryption are required.
Protocol Steps
We assume, as above, that Alice is sending a message to Bob.
1. The PGP program obtains Alice's encrypted private RSA key d_A from her private-key ring, using ID_A (for instance, Alice@PGPprivateRing.com) as an index for so doing.
2. The PGP program requests Alice's keyphrase in order to decipher this encrypted version; she provides it, and d_A is recovered as in part (iv) of private-key storage and access on page 281.
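Steps 1 and 2 as a runnable sketch, added here and taken neither from the page nor from PGP: a private-key ring indexed by ID_A whose entries hold d_A enciphered under a key derived from the keyphrase, with a tag so that a wrong keyphrase is detected rather than silently yielding a garbage d_A. PBKDF2 and an HMAC-SHA256 keystream stand in for the hash-and-block-cipher mechanism of part (iv) on page 281; the RSA numbers are the textbook toy values p = 61, q = 53, and the ID, key ID and keyphrase are made up.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Tuple

PBKDF2_ROUNDS = 100_000  # assumed work factor for hashing the keyphrase


@dataclass
class PrivateKeyEntry:
    user_id: str                 # ID_A, the index the program searches on
    key_id: str
    public_key: Tuple[int, int]  # (n, e_A), stored in the clear
    salt: bytes
    enc_private: bytes           # d_A, enciphered under the keyphrase-derived key
    tag: bytes                   # detects a wrong keyphrase before d_A is used


def derive_keys(keyphrase: str, salt: bytes) -> Tuple[bytes, bytes]:
    # Stand-in for "hash the keyphrase": one cipher key and one MAC key.
    k = hashlib.pbkdf2_hmac("sha256", keyphrase.encode("utf-8"), salt,
                            PBKDF2_ROUNDS, dklen=64)
    return k[:32], k[32:]


def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher (HMAC-SHA256 in counter mode) standing in for the
    # block cipher PGP applies to the stored private key; demo use only.
    stream = b"".join(
        hmac.new(key, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        for ctr in range((len(data) + 31) // 32)
    )
    return bytes(a ^ b for a, b in zip(data, stream))


class PrivateRing:
    def __init__(self) -> None:
        self.entries: Dict[str, PrivateKeyEntry] = {}

    def store(self, user_id: str, key_id: str, public_key: Tuple[int, int],
              d: int, keyphrase: str) -> None:
        salt = os.urandom(16)
        enc_key, mac_key = derive_keys(keyphrase, salt)
        d_bytes = d.to_bytes((d.bit_length() + 7) // 8, "big")
        ct = keystream_xor(enc_key, d_bytes)
        tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
        self.entries[user_id] = PrivateKeyEntry(user_id, key_id, public_key, salt, ct, tag)

    def unlock(self, user_id: str, keyphrase: str) -> int:
        # Step 1: fetch the enciphered d_A by ID_A. Step 2: recover it from the keyphrase.
        entry = self.entries[user_id]
        enc_key, mac_key = derive_keys(keyphrase, entry.salt)
        tag = hmac.new(mac_key, entry.salt + entry.enc_private, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, entry.tag):
            raise ValueError("keyphrase does not unlock this entry")
        return int.from_bytes(keystream_xor(enc_key, entry.enc_private), "big")

    def keyphrase_unlocks(self, user_id: str, keyphrase: str) -> bool:
        try:
            self.unlock(user_id, keyphrase)
            return True
        except ValueError:
            return False


# Constructed toy RSA key (p = 61, q = 53): n = 3233, e = 17, d = 2753.
ALICE_ID = "Alice@PGPprivateRing.com"
ALICE_N, ALICE_E, ALICE_D = 3233, 17, 2753
ALICE_KEYPHRASE = "correct horse battery staple"  # made-up keyphrase


def build_sample_private_ring() -> PrivateRing:
    ring = PrivateRing()
    ring.store(ALICE_ID, "A1", (ALICE_N, ALICE_E), ALICE_D, ALICE_KEYPHRASE)
    return ring


def sign_with_ring(ring: PrivateRing, keyphrase: str, message: int) -> int:
    # Steps 1 and 2 in use: unlock d_A, then form the RSA signature m^d mod n.
    d = ring.unlock(ALICE_ID, keyphrase)
    n, _ = ring.entries[ALICE_ID].public_key
    return pow(message, d, n)
```

The tag is computed over the salt and the ciphertext with a key that only the correct keyphrase derives, so `unlock` refuses a wrong keyphrase instead of handing back a corrupted d_A that would produce an invalid signature; the signature returned by `sign_with_ring` verifies with the public exponent e_A in the clear part of the entry.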