Why sign as well as encrypt files stored on untrusted drives?

Aaron Toponce aaron.toponce at gmail.com
Wed Jul 13 16:09:55 CEST 2011


On Wed, Jul 13, 2011 at 12:28:50PM +0100, Chris Poole wrote:
> Surely if the file is changed then I've lost that data anyway, and the
> file will fail to decrypt.

Not true. If the drive is an untrusted drive, then you must assume others
have access to the data. Because all that is needed is your public key to
encrypt data to you, the encrypted file could be replaced by another
encrypted file, and you would be none the wiser until you decrypted it.
Signing the file requires access to your private key, something you should
only have access to.

However, even if the file is signed, that still doesn't prevent someone
from replacing the file. After all, it is an untrusted drive. But, at least
the signature could be a preventative measure you could take before
decryption, to ensure that the file is indeed the one you encrypted
yourself.

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o
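
The check described in the message above, as an added example that is not part of the original post: sign and encrypt to your own key when storing, and on retrieval release the plaintext only if GnuPG reports a valid signature from your own key. The function names `store_signed` and `verify_and_decrypt` are hypothetical, and GnuPG 2.1 or later is assumed.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GnuPG 2.1+ on PATH.
# Function names are hypothetical helpers, not part of GnuPG.

# store_signed FILE OUT FINGERPRINT
# Sign FILE with your own key and encrypt it to that same key.
store_signed() {
    gpg --batch --yes --quiet --local-user "$3" --recipient "$3" \
        --output "$2" --sign --encrypt "$1"
}

# verify_and_decrypt FILE OUT FINGERPRINT
# Write the plaintext to OUT only if FILE carries a valid signature made by
# the key whose fingerprint is FINGERPRINT. A file that someone merely
# encrypted to your public key decrypts with exit status 0 but yields no
# VALIDSIG status line, so it is rejected and OUT is never created.
verify_and_decrypt() {
    vd_in=$1; vd_out=$2; vd_fpr=$3
    vd_tmp=$(mktemp) || return 2
    # --status-fd 1 sends machine-readable status lines to stdout, while the
    # plaintext goes to the temporary file named by --output.
    if vd_status=$(gpg --batch --yes --quiet --status-fd 1 \
            --output "$vd_tmp" --decrypt "$vd_in" 2>/dev/null) &&
       printf '%s\n' "$vd_status" | awk -v fpr="$vd_fpr" '
            # VALIDSIG: field 3 is the signing key fingerprint, the last
            # field is the primary key fingerprint.
            $2 == "VALIDSIG" && ($3 == fpr || $NF == fpr) { ok = 1 }
            END { exit !ok }'
    then
        mv "$vd_tmp" "$vd_out"
    else
        rm -f "$vd_tmp"
        return 1
    fi
}
```

Pass the full fingerprint of your own key, as printed by `gpg --fingerprint`, rather than a short key ID.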


More information about the Gnupg-users mailing list