Public Key Encryption/Decryption of data [closed]

Question

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 8 years ago.

Improve this question

When some data is encrypted with PGP, no password is provided. What is the password used in the symmetric algorithms portion of PGP?

this is the output of a small string encrypted with AES 256.

-----BEGIN PGP MESSAGE-----
Version: BCPG v1.39

hI4D+UDEMBpnd50QAf9bWG97E9FfnSKB/WpVcBtLJqk5f/Ih9YZTUDULDZpSE0TP
ObJnCs91okOv6/BtDRDZ84ChF5pOZezb5+aL3TW5AfwK3gJ7nPTlmZOm5Kf7qOfB
n307xpn0qRw395y1mfOm10TsMpaCkbSvwjhqPi8hRMM17y29OsqGLstZdeAaNTGt
0mwB7EiZti4jOUF3/SCNnn2vA9hVc6o6c0l0h5vQOF0L+eL1Pmhg8RcFT4kHRnI/
A+Ad4hsbOxD1vvzZHx2iETkt1JmNTHmOOY5Cw/n+sFlU9JzZpzAtqwUjjnyN8NjQ
6NbpwL6gebTJCVTNW2c=
=kI32
-----END PGP MESSAGE-----

Old: Public-Key Encrypted Session Key Packet(tag 1)(142 bytes)
        New version(3)
        Key ID - 0xF940C4301A67779D
        Pub alg - ElGamal Encrypt-Only(pub 16)
        ElGamal g^k mod p(511 bits) - 5b 58 6f 7b 13 d1 5f 9d 22 81 fd 6a 55 70 1b 4b 26 a9 39 7f f2 21 f5 86 53 50 35 0b 0d 9a 52 13 44 cf 39 b2 67 0a cf 75 a2 43 af eb f0 6d 0d 10 d9 f3 80 a1 17 9a 4e 65 ec db e7 e6 8b dd 35 b9 
        ElGamal m * y^k mod p(508 bits) - 0a de 02 7b 9c f4 e5 99 93 a6 e4 a7 fb a8 e7 c1 9f 7d 3b c6 99 f4 a9 1c 37 f7 9c b5 99 f3 a6 d7 44 ec 32 96 82 91 b4 af c2 38 6a 3e 2f 21 44 c3 35 ef 2d bd 3a ca 86 2e cb 59 75 e0 1a 35 31 ad 
                -> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02

New: Symmetrically Encrypted and MDC Packet(tag 18)(108 bytes)
        Ver 1
        Encrypted data [sym alg is specified in pub-key encrypted session key]
                (plain text + MDC SHA1(20 bytes))

I know that the AES 256 value 9 is hidden in the first packet (tag 1), but where is the key? Since the public key is used to encrypt, there was no key hidden in the public key with which to encrypt. Also, I think RFC 4880 never actually specifies where to get a key.

Am i missing some important point about public key cryptography?

Answer 1

I just realized that i misinterpreted session key in the instructions as the packet, rather than the secret key

Answer 2

You don't need a key because anyone may use the public key. The public key is used for encrypting (in this case a random AES key, which is used to encrypt the rest of the data). Only during decryption will you need the private key to retrieve the encrypted AES key and - of course - the data. This is of course the public/private key pair of the receiving party(s).

Answer 3

The randomly-generated session key is stored in the first packet:

... Public-Key Encrypted Session Key Packet ...

Raw data is never encrypted directly with public key algorithms; instead, a randomly-generated session key is used. If you encrypt to multiple recipients, the same session key will be encrypted to each recipient individually.