LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   GnuPG encrypted files format (https://www.linuxquestions.org/questions/linux-security-4/gnupg-encrypted-files-format-354561/)

rblampain 08-18-2005 10:13 AM
GnuPG encrypted files format
 
I have a vague recollection of reading somewhere that some encrypting softwares produce an output that contains a piece of code that is the same regardless of the plain text to be encrypted. I have also read something about double encryption (encrypting a file of encrypted strings or similar). However trying to retrieve that info on the web leads me nowhere.

The details:
I'm beginning to use GPG, I have selected the first option when generating the keys (DSA ElGamal) and I am using both symmetric and asymmetric encryption of files on a Fedora C2 for file protection.
I suppose ElGamal is used for asymmetric encryption but I have no idea what my system is using for symmetric encryption.
It looks like the symmetric output all start with "\214" and if this is correct, I'd like to find out more about this aspect of encryption, specifically for what I am using.

The questions:
1) Does GPG, as I use it, produce an encrypted file that contains a sort of header?
a) for symmetric encryption
b) for asymmetric encryption
2) If it does, what is the format?
3) Is encryption of encrypted strings a worthwhile procedure?

Any hint or tip most welcome.

primo 08-22-2005 02:34 AM
Read a good book on cryptography to assemble all these facts you have read in the web. Sometimes they can become myths if they're taken out of context.

Anyway, I'll try to answer some questions:
Quote:
1) Does GPG, as I use it, produce an encrypted file that contains a sort of header?
Yes, GPG does use a header for internal use and it's no big deal unless you want some obscurity that in the end won't add any bit to security... It uses a well known header recognized by the file(1) command.

An entirely different thing is the fact that plaintext sometimes contain known pieces (ie, TCP/IP, archive, image and e-mail headers, C++ source, etc). This could be used to retrieve information about the key and more plaintext bits. This is what is called as "known plaintext attack". Good encryption software minimizes this risk by compressing the plaintext and eliminating redundancy.

Quote:
3) Is encryption of encrypted strings a worthwhile procedure?
It depends on the context. I use to manage (encrypt/decrypt) my passwords file in an encrypted loop partition to avoid it reaching the disk.

Asymmetric encryption is useful when encrypting data destined to another recipient. Asymmetric algorithms are best used to encrypt a random (session) key that really encrypts the data. It is because asymmetric algorithms are slower because of the mathematical models they use.

rblampain 08-22-2005 09:15 AM
Thank you to primo for a good explanation.


All times are GMT -5. The time now is 12:43 PM.