-   Linux - Security (
-   -   GPG: generating a key compatible with PGP (

xri 06-24-2010 01:40 AM

GPG: generating a key compatible with PGP
I am currently using to send and receive faxes at work.
I need the faxes to be encrypted. They offer public key encryption with PGP 9.8.2
They just need my public key to be compatible with their PGP version.

I found a few statements at the GPG site, which may not be true for newer versions of gpg:
  1. PGP, Inc. refuses to accept Elgamal keys of type 20 even for encryption.They only support type 16.
  2. PGP 5.x does not accept v4 signatures for data material but OpenPGP requests generation of v4 signatures for all kind of data, that's why GnuPG defaults to them.
  3. By default, GnuPG encrypts your secret key using the Blowfish symmetric algorithm. Older PGPs will only understand 3DES, CAST5, or IDEA symmetric algorithms.
  4. PGP doesn't do Elgamal signing keys at all, so they are not usable with any version.

Since this is a work related task, I attempt to avoid using trial and error here, because an incompatible key may provoke loss of crucial information. It is difficult to estimate how long it would take them/me to find out that the key provided was not compatible; but probably it would entail a significant loss for the business.

I would appreciate some pointers as to how to generate a PGP compatible key with gpg.

Thanks for reading this.

anomie 06-24-2010 10:04 AM

I actually think some trial and error is going to be needed to test this properly. Perhaps install their same version of PGP on a test box so that you can run through some contrived experiments?

Carefully read through the gpg(1) manpages. There are lots of options that enable PGP-workaround / PGP-related RFC compliant features. I'm not sure which combination of those options is going to get you what you need for their PGP version.

All times are GMT -5. The time now is 05:07 AM.