Question about PGP/GPG and OTR
I always thought that any kind of public key encryption meant that it was asymmetric. Which means that PGP/GPG and OTR are both examples of asymmetric encryption. But, I was reading their Wikipedia articles and:
Originally Posted by PGP
Originally Posted by PGP; Early History
Originally Posted by OTR
I think I understand how OTR works, using the Diffie-Hellman key exchange it uses public keys (asymmetric) encryption to exchange symmetric (secret key encryption). But, OTR is a little different in that the keys are throw away and the entire system is designed so that the conversations can't be decrypted later, even if both parties in the conversation wanted to.
Originally Posted by Diffie-Hellman key exchange
When using GPG I've always used the ElGamal encryption algorithm, which is asymmetric. But that still uses the Diffie-Hellman key exchange. Which "[is] used to encrypt subsequent communications using a symmetric key cipher". But with PGP/GPG the keys aren't throw away like in OTR. And, I don't see how any scheme can use symmetric encryption over the Internet and still be secure. Symmetric encryption keys are vulnerable to interception by a man in the middle.
I'm confused and reading other Wikipedia articles as well as the short section on encryption in one of my textbooks isn't helping either. It seems like all of the sources I've read either aren't telling me what I want to know, or are written in such a way that they assume you already know everything about the subject beforehand.
CPU: AMD Phenom II X4 965 @ 3.5GHz
GPU: MSI GTX 260 w/896MB DDR3 @ 655MHz
RAM: Kingston HyperX 8GB (4x 2GB) DDR3 2000
HDD: Samsung Spinpoint F3 1TB (2x fake RAID0)