Secret key holder identity

NikNot niknot at gmail.com
Thu Feb 22 16:53:44 CET 2007


On 2/22/07, Werner Koch <wk at gnupg.org> wrote:
> On Tue, 20 Feb 2007 18:02, niknot at gmail.com said:
>
> > If the system was designed for the real world, the encrypted message
> > would, by default, consist of a binary data set, indistingushable from a
> > random stream, until and unless decrypted using the recipient's private key.
>
> A real world system needs to know the key for decryption and not fall
> back to a time consuming mode of trial decryption with all available
> secret keys...
>
> OpenPGP is not designed to thwart traffic analysis.  It has merely
> some provisions to help such a system
>
Thanks Werner - we agree on the OpenPGP design. I'm only trying to
point out that this is a serious limitation, more so now than at the
time PGP was born (or OpenPGP was designed).

Tempora mutantur (et nos in illis?)

NikNot



More information about the Gnupg-users mailing list