can you see any problem with this?
Adrian Thurston
thurston at cs.queensu.ca
Tue Feb 5 20:24:15 CET 2008
Yes I think I can live with those characteristics of the system. Thanks for your analysis!
-Adrian
-----Original Message-----
From: David Shaw <dshaw at jabberwocky.com>
Date: Tue, 5 Feb 2008 13:50:56
To:Adrian Thurston <thurston at cs.queensu.ca>
Cc:gnupg-users at gnupg.org
Subject: Re: can you see any problem with this?
On Tue, Feb 05, 2008 at 01:28:08PM -0500, Adrian Thurston wrote:
> My application is here:
>
> http://www.cs.queensu.ca/~thurston/fif/
>
> I'm encrypting messages and making them publicly available over static
> HTTP. Anyone who knows the right URL can grab a message and I don't want
> recipients to be identifiable.
>
> Another issue is that the number of recipients and the size of messages
> may both get very large. A single encrypted message is therefore very
> attractive.
In that case, doing something like this may work for you:
gpg -o output.gpg -R recipient1 -R recipient2 -e thefile.txt
gpgsplit output.gpg
for i in *.pk_enc
do
cat $i *.encrypted > `echo $i | sed -e 's/\-001\.pk_enc//'`
done
You'll end up with a directory full of files, one per recipient, and
each a valid OpenPGP message, but all of them protected via
throw-keyid. I'll leave it as an exercise for the reader to determine
which file goes with which recipient ;)
Caveats:
If Alice and Baker both get a message, and Alice knows which file
Baker got, Alice can decrypt Baker's message using her own session
key, thus revealing to Alice that Baker got the same message that
Alice did.
The "non-identifiable" feature with -R (aka throw-keyid) is only as
good as throw-keyid is, which is pretty good but not perfect.
You may or may not care about these caveats.
David
More information about the Gnupg-users
mailing list