-1

I'm still new to encryption and to the differences between RSA public keys and PGP/OpenPGP-compatible public keys. First of all, is there a difference between an RSA public key and a PGP/OpenPGP-compatible public key? If there is a difference, is there a way I can identify whether a given public key is a PGP/OpenPGP-compatible key?

1 Answer

1

RSA is a public/private key cryptography algorithm, while OpenPGP (and PGP as an implementation of OpenPGP) is a protocol applying algorithms like RSA (and others). Other well-known standards comparable to OpenPGP are X.509 (used, for example, for TLS and S/MIME) and SSH. All of those embed keys (very often, those are all RSA keys) in their own format, adding some meta information like creation and expiration time, identifiers and other attributes; both X.509 and OpenPGP also add a trust system for certifying keys. In theory, the numbers forming the RSA keys can be extracted and converted to the format any other protocol is using, but in practice this is rarely useful and comes at the cost of greater exposure to possible attacks or software failures (in contrast to using different RSA keys).

To find out what kind of key you have, you can use tools like GnuPG (gpg [keyfile] will print the key's meta information for OpenPGP keys, or an error message if it is not one). The file utility is always handy for analyzing a file's type, and can distinguish between lots of different formats of key files.

Jens Erat
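The kind of check described in the answer above can be sketched in code. This is an added example, not part of the original answer and not how gpg or file work internally: it tells apart the containers the answer names (OpenPGP, X.509/PEM, SSH) and, for OpenPGP, reads the metadata the format wraps around the RSA key. The function names and all sample data are constructed for illustration, and only version 4 OpenPGP key packets are decoded.

```python
import base64
import re
from datetime import datetime, timezone

PGP_ALGOS = {1: "RSA", 16: "Elgamal", 17: "DSA", 18: "ECDH", 19: "ECDSA", 22: "EdDSA"}
PEM_LABELS = {"RSA PUBLIC KEY": "bare RSA public key (PKCS#1)",
              "PUBLIC KEY": "X.509 SubjectPublicKeyInfo public key",
              "CERTIFICATE": "X.509 certificate"}

def parse_pgp_packet(data: bytes) -> str:
    """Describe the first OpenPGP packet (header layout from RFC 4880, section 4.2)."""
    if len(data) < 2 or not data[0] & 0x80:
        return "unknown format"
    if data[0] & 0x40:  # new-format header: 6-bit tag, variable-length length field
        tag, first = data[0] & 0x3F, data[1]
        skip = 3 if 192 <= first < 224 else 6 if first == 255 else 2
    else:  # old-format header: 4-bit tag, low two bits give the size of the length field
        tag = (data[0] >> 2) & 0x0F
        skip = 1 + (1, 2, 4, 0)[data[0] & 0x03]
    body = data[skip:]
    if tag != 6:
        return f"OpenPGP packet with tag {tag}, not a public key"
    if len(body) < 6 or body[0] != 4:
        return "OpenPGP public key (truncated or not version 4)"
    # v4 key packet: version, 4-byte creation time, algorithm id, then the key material
    created = datetime.fromtimestamp(int.from_bytes(body[1:5], "big"), timezone.utc)
    algo = PGP_ALGOS.get(body[5], f"algorithm {body[5]}")
    return f"OpenPGP v4 public key, {algo}, created {created:%Y-%m-%d}"

def identify_key(data: bytes) -> str:
    text = data.decode("ascii", errors="replace").replace("\r\n", "\n")
    m = re.search(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", text, re.S)
    if m and m.group(1) == "PGP PUBLIC KEY BLOCK":
        # Armor body: optional headers, a blank line, base64 data, optional "=CRC" line
        b64 = m.group(2).partition("\n\n")[2].split()
        return parse_pgp_packet(base64.b64decode("".join(l for l in b64 if l[0] != "=")))
    if m:
        return PEM_LABELS.get(m.group(1), f"PEM block: {m.group(1)}")
    if text.startswith(("ssh-", "ecdsa-")):
        return "OpenSSH public key"
    return parse_pgp_packet(data)

# Constructed samples: a v4 OpenPGP packet wrapping a toy RSA key (n=0xC53B, e=65537),
# the same packet ASCII-armored, and a PEM block with a placeholder body.
SAMPLE_PGP = bytes.fromhex("980f045e0be100010010c53b0011010001")
SAMPLE_ARMORED = (b"-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n" + base64.b64encode(SAMPLE_PGP)
                  + b"\n-----END PGP PUBLIC KEY BLOCK-----\n")
SAMPLE_PEM = b"-----BEGIN RSA PUBLIC KEY-----\nMAA=\n-----END RSA PUBLIC KEY-----\n"

if __name__ == "__main__":
    for sample in (SAMPLE_PGP, SAMPLE_ARMORED, SAMPLE_PEM):
        print(identify_key(sample))
```

The creation time and algorithm id reported for the OpenPGP samples are the metadata that a bare RSA key in a PEM block does not carry.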