July 30, 2013
Here’s what happens when you encrypt a message with GPG / GnuPG (and probably other OpenPGP implementations):
Generate session key
When you encrypt a file to someone (
-r personon the command line), GPG generates a session key, which is a large random number. You can see it when you decrypt a message:
gpg --show-session-key myfile.gpg
Choose a symmetric cipher
GPG then looks at the recipients public key to find their preferred symmetric cipher. If you have my key on your ring (get it by doing
gpg --recv-keys 0x127CFCD9B3B929D2) you can see my preferred symmetric cipher by typing:
gpg -r graham -e --verbose test.txt
It should be AES256.
Encrypt using chosen cipher and generated session key
Next it compresses then encrypts the file using the session key and the preferred cipher. So until now we’re still all symmetric encryption.
Encrypt session key with public key
Finally it encrypts that session key using the recipients public key (using RSA), and prepends the result to the front of the message. If there are several recipients, this step is repeated once for each person.
The passphrase GPG asks for when decrypting or signing a message, has nothing to do with message encryption. It is only used to symmetric encrypt your private key (default is CAST5 cipher). That’s in case someone steals your private key file. In terms of how GPG works, you can ignore the passphrase. If you just encrypt a message (without signing it) you won’t need to enter your passphrase at all (but in practice your should always sign your messages).