Re: Encryption

From: Seth Arnold (sarnold@wirex.com)
Date: 01/17/02


Date: Thu, 17 Jan 2002 10:42:25 -0800
From: Seth Arnold <sarnold@wirex.com>
To: focus-linux@securityfocus.com


On Wed, Jan 16, 2002 at 03:35:12PM +0200, Burak DAYIOGLU wrote:
> ITU-T X.509 is a certificate standard and it is not a certificate
> repository standard. So, I didn't understand how PGP is able to use
> X.509? It may be correct that PGP uses LDAP repositories for
> storage/retrieval but X.509 integration is an unknown for me.

Contained within the x.509 certs, or the pgp key packets, is simply some
very large numbers. Those large numbers are used for RSA or El Gamal
public key crypto. PGP 2.x came with RSA support initially; I don't
recall when PGP moved to (patent-unencumbered) El Gamal, but it is
likely PGP supports both RSA and El Gamal just fine these days.

The same goes for GnuPG; it supports (patent-unencumbered) El Gamal, but
has stubs to allow for back-wards compatibility with RSA.

It isn't a real huge leap for PGP to deal with both X.509 certs and PGP
key packets.

Cheers! :)

-- 
Find out why the United States jailed a Russian citizen over a lecture:
http://www.anti-dmca.com/




Relevant Pages

  • Re: What the situation of PGP?
    ... Zimmerman issued PGP 1.0 under GPLv2, but ran into patent ... Deal was struck with RSA Data Security, Inc., custodian of the (legally ... use RSADSI's slightly crippled RSAREF crypto library for its RSA ...
    (comp.os.linux.security)
  • Re: Complexity Theoretic Cryptography
    ... AES, RSA, PGP, Discreet Logarithm, the lot. ... the same sentence of algorithms that are "relying on an insufficiency ...
    (sci.crypt)
  • RE: Encryption
    ... > ITU-T X.509 is a certificate standard and it is not a certificate ... > repository standard. ... It may be correct that PGP uses LDAP ...
    (Focus-Linux)
  • Re: Complexity Theoretic Cryptography
    ... AES, RSA, PGP, Discreet Logarithm, the lot. ... the same sentence of algorithms that are "relying on an insufficiency ...
    (sci.crypt)
  • Re: Hack PGP
    ... > seti@home they can do with pgp keys, but anyway, paranoia aside, the thing ... > rumour spreaded and some people stoped trusting pgp and started thinking on ... PGP implementation secure (do we trust PGP)? ... As for there being methods of breaking RSA, ...
    (Security-Basics)