gpg4win expired code signing cert; please renew.
Andrew Gallagher
andrewg at andrewg.com
Thu Oct 16 11:50:48 CEST 2025
On 16/10/2025 10:34, Jay Acuna via Gnupg-users wrote:
> In this case we're stuck encrypting the data with a 3-layer sandwitch
>
> Encrypt Input.txt first using a traditional RSA/EC algorithm with
> PGP smart card output temp1.asc
> Encrypt temp1.asc using a PQC algorithm (No hardware-based key
> protection supported yet) write output to temp2.asc
> Encrypt temp2.asc using a traditional RSA/EC algorithm crypto
> performed by PGP card write output to final.asc
> Securely delete input.txt, temp1.asc and temp2.asc
>
> Email temp2.asc - PQC Hybrid layer prevents access to the temp1.asc
> in case the final output's key is compromised.
Please don't roll your own encryption - this includes reinventing 3DES.
Encryption sandwiches like this never have the security properties you
might naively think. (See 3DES...)
Also keep in mind that you're orders of magnitude more likely to lose
your SSN or credit card number in a data breach than to quantum
cryptanalysis. And the feds already know your SSN and credit card
number. ;-)
A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xFB73E21AF1163937.asc
Type: application/pgp-keys
Size: 78750 bytes
Desc: OpenPGP public key
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251016/95f3763a/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251016/95f3763a/attachment-0001.sig>
More information about the Gnupg-users
mailing list