pgp/gpg key pair derived from self generated primes


Stefan Thomas

Oct 2, 2014, 10:52:50 AM
Does anyone know a simple procedure to generate a pgp/gpg key pair
(+self signed public key) from self generated primes?

Of course one could change the key generation routine in the sources of
gpg and then recompile, but somebody must have solved this problem with a
simple perl script or such.

Stefan

William Unruh

Oct 2, 2014, 11:20:52 AM
On 2014-10-02, Stefan Thomas <StTh...@gmx.de> wrote:
> Does anyone know a simple procedure to generate a pgp/gpg key pair
> (+self signed public key) from self generated primes?

I think one of the questions is whether or not it can get enough
"entropy". While at your keyboard you can move your mouse or type to
generate it. Running a script at 3AM with your computer otherwise quiet,
could get hard. Mind you if you got them to use urandom for entropy,
the keys would be in no way weaker, and it would not block.

Stefan Thomas

Oct 2, 2014, 1:49:20 PM
> I think one of the questions is whether or not it can get enough
> "entropy". While at your keyboard you can move your mouse or type to
> generate it. Running a script at 3AM with your computer otherwise quiet,
> could get hard. Mind you if you got them to use urandom for entropy,
> the keys would be in no way weaker, and it would not block.
>

I didn't make myself clear:
I'm assuming that one has generated two prime numbers and a secret/public
exponent in advance, from which one wants to construct a pgp/gpg
RSA key pair. So there is no question of entropy at all. The problem is
just to create a syntactically correct envelope for the keys to be
accepted by the pgp/gpg software.

A similar question could be asked for a priori generated DLP based keys.

William Unruh

Oct 2, 2014, 2:40:22 PM
On 2014-10-02, Stefan Thomas <StTh...@gmx.de> wrote:
So, you want to know the format of the pgp/gpg public and private key
files?
You should be able to read the gpg source if nothing else, but I suspect
that that format is specified somewhere. Sorry I do not know where.

You could try
http://tools.ietf.org/html/rfc4880#section-5.5.3
and see if that helps you.

Stefan Thomas

Oct 3, 2014, 5:23:23 AM
> So, you want to know the format of the pgp/gpg public and private key
> files?
> You should be able to read the gpg source if nothing else, but I suspect
> that that format is specified somewhere. Sorry I do not know where.
>
> You could try
> http://tools.ietf.org/html/rfc4880#section-5.5.3
> and see if that helps you.
>

Yes, but from this information it will be at least a week's work (for
me) to arrive at a syntactically correct private key and self signed
certificate. My hope was that somebody already solved that problem and
had a working perl script for the problem (like the perl scripts that
check the syntax of pgp keys, e.g. by Adam Back).

I do think that it is an important problem:
Use keys in PGP/GPG, that were generated with my own random number
generator and my own arithmetic (e.g. pari/gp) on an offline machine.
Somebody must have thought about it and solved it before.

Thanks for giving me your time.

Stefan

William Unruh

Oct 3, 2014, 12:59:14 PM
On 2014-10-03, Stefan Thomas <StTh...@gmx.de> wrote:
>> So, you want to know the format of the pgp/gpg public and private key
>> files?
>> You should be able to read the gpg source if nothing else, but I suspect
>> that that format is specified somewhere. Sorry I do not know where.
>>
>> You could try
>> http://tools.ietf.org/html/rfc4880#section-5.5.3
>> and see if that helps you.
>>
>
> Yes, but from this information it will be at least a week's work (for
> me) to arrive at a syntactically correct private key and self signed
> certificate. My hope was that somebody already solved that problem and
> had a working perl script for the problem (like the perl scripts that
> check the syntax of pgp keys, e.g. by Adam Back).

I would start by just stripping out the code from gpg, and using that.
They have an encoding (and decoding) section for the key they generate.
It is opensource, so you are well within your rights to use it, unless
you plan to sell it as part of a closed source package.
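
Added example, not part of the thread and not GnuPG's code: a Python 3.8+ sketch of the unprotected version 4 RSA secret-key packet layout from the RFC 4880 section linked above, built from primes chosen elsewhere. The function names, the toy primes and the creation time 0 are constructed for illustration; the User ID packet and self-signature the thread also asks for are outside this block.

```python
import hashlib
import struct

RSA_ALGO = 1  # RFC 4880 section 9.1: RSA (Encrypt or Sign)

def mpi(n: int) -> bytes:
    """RFC 4880 section 3.2 MPI: 16-bit big-endian bit count, then magnitude."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def public_body(p: int, q: int, e: int, created: int) -> bytes:
    """Version 4 public-key packet body (section 5.5.2)."""
    return bytes([4]) + struct.pack(">I", created) + bytes([RSA_ALGO]) + mpi(p * q) + mpi(e)

def secret_body(p: int, q: int, e: int, created: int) -> bytes:
    """Unprotected version 4 secret-key packet body (section 5.5.3)."""
    if p == q:
        raise ValueError("p and q must differ")
    if p > q:                            # the format requires p < q
        p, q = q, p
    d = pow(e, -1, (p - 1) * (q - 1))    # ValueError if e is not invertible
    u = pow(p, -1, q)                    # multiplicative inverse of p mod q
    secret = mpi(d) + mpi(p) + mpi(q) + mpi(u)
    checksum = struct.pack(">H", sum(secret) % 65536)
    # S2K usage octet 0: the secret MPIs follow in the clear, then the checksum.
    return public_body(p, q, e, created) + b"\x00" + secret + checksum

def packet(tag: int, body: bytes) -> bytes:
    """Old-format packet header with a two-octet length (section 4.2.1)."""
    return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body

def fingerprint(p: int, q: int, e: int, created: int) -> str:
    """V4 fingerprint (section 12.2): SHA-1 over 0x99, length, public body."""
    body = public_body(p, q, e, created)
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

if __name__ == "__main__":
    # Constructed toy primes, far too small for real use; they only make
    # the byte layout easy to check by hand.
    P, Q, E = 61, 53, 17
    print(packet(5, secret_body(P, Q, E, 0)).hex())   # tag 5 = Secret-Key packet
    print(fingerprint(P, Q, E, 0))
```

Because the S2K usage octet is 0, the private MPIs in this packet are stored without passphrase protection.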