PGP5 uses El Gamal _not_ DH

Adam Back aba at dcs.ex.ac.uk
Mon Oct 6 04:03:08 PDT 1997




Aldius <aldius at mindless.com> writes:
> The reason for having two key types for PGP5 is that DH is only capable
> of key distribution, not signing.  

DH is an interactive key negotiation protocol.

El Gamal is the key exchange algorithm used in PGP5.  For some reason
PGP Inc insists on calling El Gamal "DH".  El Gamal is a variant of
DH; so it is related.  But El Gamal is not DH, and it is bad
terminology to call it DH.

The only reason I can think that they insist on calling El Gamal "DH"
at every opportunity is that they perhaps think that the name DH
(Diffie-Hellman) is more widely known, and want to give people warm
fuzzies "oh I've heard of that algorithm".

> and DSS is only capable of signing.  Hence, you require one key to
> sign, and one to distribute the session key.

right.

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`







More information about the cypherpunks-legacy mailing list