Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Daniel Barrett wrote: > Just wondering how safe a file is when encrypted with a 4096-bit GPG key. GPG doesn't work that way. Your 4096-bit asymmetric key is either RSA or DH, both of which are VERY slow algorithms, too slow for general use. When you encrypt a message, the encryption engine generates a random session key. This session key is used to encrypt the message using a symmetric cipher (GnuPG uses CAST-128 by default). The session key is then encrypted with the public half of your recipient's asymmetric key pair and attached to the message. When the recipient decrypts the message, the session key is decrypted with the private half of the asymmetric key pair. The recovered session key is used to decrypt the message. SSL and SSH both work roughly the same way. -- Rich P.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |