Security Implications

David Shaw dshaw@jabberwocky.com
Fri Dec 14 01:22:01 2001


--envbJBWh7q8WU6mo
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Dec 14, 2001 at 01:02:06AM +0100, Ingo Kl=F6cker wrote:

> On Wednesday 12 December 2001 20:53, Steve Butler wrote:
> > > A thought question for the crypto-analysts.
> > >
> > > Given the same file is being encrypted for two (or more) recipients
> > > all having separate public keys on my keyring.  Presume that I will
> > > FTP the encrypted file to each recipient's inbound FTP site.
> > > Ignoring the work overhead on my computer, which provides better
> > > overall security and immunity to decrypting attacks:
> > >
> > > 1.  Encrypt the file to each recipient individually and FTP each
> > > encrypted file to the appropriate recipient.  (encrypt many)
> > >
> > > 2.  Encrypt the file for all recipients and FTP the one encrypted
> > > file to each recipient's FTP site. (encrypt once with many
> > > recipients)
>=20
> It doesn't matter. In the second scenario the session key is encrypted=20
> with all the recipients' keys. Therefore the probability to find a key=20
> to decrypt the session key is slightly higher. But as it's much more=20
> time consuming to find the secret key corresponding to a public key=20
> than to simply find the session key (by brute force) nobody would ever=20
> try to crack the asymmetrically encrypted session key but would crack=20
> the symmetrically encrypted message itself instead.
>=20
> The only advantage of individually encrypted files is that the=20
> recipients then don't know to whom else you sent an encrypted version=20
> of this file.

You can use --throw-keyid to allow you to encrypt once to many
recipients without saying who they are.  The recipients must also have
an OpenPGP implementation like GnuPG that understands speculative
keyids.

David

--=20
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+--------------------------------------------------------------------------=
-+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

--envbJBWh7q8WU6mo
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6c-cvs (GNU/Linux)

iQEVAwUBPBlFt4ccwqs8s7QVAQEzZAgAhGmAXi/d0MD9SbSI/zp5KI8SNcaN8zNM
d9SWw2oOzMRbhYVoLbTuNx9mRY2c1o5rRovukISYYFVls9+A4NAO44zmfxkxFAQJ
e5EHdu4G9jugiGOy6RleZZHg0faAz2FqicZ/B/RVqCFc+rfLdsgcBzqqo/PeIC2K
UNl6w7yclANCY+UclRYLCaS2V1pRyobw2uOMRh8BesUTZJaic2XacJI9AnLtvpr3
GcmOfNSYcgtfKLDdR1SoZMocFwXZ50JIAzeNb0LcITIdGtGJ0Nu/+WSGvRgiRDEb
YoMbkmbVCOVU055zF+qqPRp3FwEuEYBm2h/fxUIh+5Kl+Dd5gzDRsQ==
=yXN7
-----END PGP SIGNATURE-----

--envbJBWh7q8WU6mo--