Discussion:
pgp/gpg key pair derived from self generated primes
(too old to reply)
Stefan Thomas
2014-10-02 14:52:50 UTC
Permalink
Does anyone know a simple procedure to generate a pgp/gpg key pair
(+self signed public key) from self generated primes?

Of course one could change the key generation routine in the sources of
gpg and the recompile, but somebody must have solved this problem with a
simple perl script or such.

Stefan
William Unruh
2014-10-02 15:20:52 UTC
Permalink
Post by Stefan Thomas
Does anyone know a simple procedure to generate a pgp/gpg key pair
(+self signed public key) from self generated primes?
I think one of the questions is whether or not it can get enough
"entropy". While at your keyboard you can move your mouse or type to
generate it. Running a script a 3AM with you computer otherwise quiet,
could get hard. Mind you if you got them to use urandom for entropy,
the keys would be in no way weaker, and it would not block.
Post by Stefan Thomas
Of course one could change the key generation routine in the sources of
gpg and the recompile, but somebody must have solved this problem with a
simple perl script or such.
Stefan
Stefan Thomas
2014-10-02 17:49:20 UTC
Permalink
Post by William Unruh
I think one of the questions is whether or not it can get enough
"entropy". While at your keyboard you can move your mouse or type to
generate it. Running a script a 3AM with you computer otherwise quiet,
could get hard. Mind you if you got them to use urandom for entropy,
the keys would be in no way weaker, and it would not block.
I didn't make myself clear:
I'm assuming that one has generated to prime numbers and a secret/public
exponent in advance, from which one wants to construct an RSA a pgp/gpg
RSA key pair. So there is no question of entropy at all. The problem is
just to create a syntactically correct envelope for the keys to be
accepted by the pgp/gpg software.

A similar question could be asked for a priori generated DLP based keys.
William Unruh
2014-10-02 18:40:22 UTC
Permalink
Post by Stefan Thomas
Post by William Unruh
I think one of the questions is whether or not it can get enough
"entropy". While at your keyboard you can move your mouse or type to
generate it. Running a script a 3AM with you computer otherwise quiet,
could get hard. Mind you if you got them to use urandom for entropy,
the keys would be in no way weaker, and it would not block.
I'm assuming that one has generated to prime numbers and a secret/public
exponent in advance, from which one wants to construct an RSA a pgp/gpg
RSA key pair. So there is no question of entropy at all. The problem is
just to create a syntactically correct envelope for the keys to be
accepted by the pgp/gpg software.
So, you want to know the format of the pgp/gpg public and private key
files?
You should be able to read the gpg source if nothing else, but I suspect
that that format is specified somewhere. Sorry I do not know where.

You could try
http://tools.ietf.org/html/rfc4880#section-5.5.3
and see if that helps you.
Post by Stefan Thomas
A similar question could be asked for a priori generated DLP based keys.
Stefan Thomas
2014-10-03 09:23:23 UTC
Permalink
Post by William Unruh
So, you want to know the format of the pgp/gpg public and private key
files?
You should be able to read the gpg source if nothing else, but I suspect
that that format is specified somewhere. Sorry I do not know where.
You could try
http://tools.ietf.org/html/rfc4880#section-5.5.3
and see if that helps you.
Yes, but from this information it will be at least a week's work (for
me) to arrive at a syntactically correct private key and self signed
certificate. My hope was that somebody already solved that problem and
had a working perl script for the problem (like the perl scripts that
check the syntax of pgp keys, e.g. by Adam Back).

I do think that it is an important problem:
Use keys in PGP/GPG, that were generated with my own random number
generator and my own arithmetic (e.g. pari/gp) on an offline machine.
Somebody must have thought about it and solved it before.

Thanks for giving me your time.

Stefan
William Unruh
2014-10-03 16:59:14 UTC
Permalink
Post by Stefan Thomas
Post by William Unruh
So, you want to know the format of the pgp/gpg public and private key
files?
You should be able to read the gpg source if nothing else, but I suspect
that that format is specified somewhere. Sorry I do not know where.
You could try
http://tools.ietf.org/html/rfc4880#section-5.5.3
and see if that helps you.
Yes, but from this information it will be at least a week's work (for
me) to arrive at a syntactically correct private key and self signed
certificate. My hope was that somebody already solved that problem and
had a working perl script for the problem (like the perl scripts that
check the syntax of pgp keys, e.g. by Adam Back).
I would start by just stripping out the code from gpg, and using that.
They have an encoding (and decoding) section for the key they generate.
It is opensource, so you are well within your rights to use it, unless
you plan to sell it as part of a closed source package.
Post by Stefan Thomas
Use keys in PGP/GPG, that were generated with my own random number
generator and my own arithmetic (e.g. pari/gp) on an offline machine.
Somebody must have thought about it and solved it before.
Thanks for giving me your time.
Stefan
Loading...