Re: PGP scripting...

From: Andre Mariën (andre.marienat_private)
Date: Thu Jan 09 2003 - 01:47:55 PST

  • Next message: lsi: "PGP scripting (reprise)"

    Tom Arseneault wrote:
    
    > As for the usage of the key in encryption and decryption, public key
    > encryption is very compute intensive so while you could do bulk encryption
    > with it whould be very slow.. The usual way things are done is that a
    > symmetrical encryption will be used to encrypt a document (DES, 3DES,
    > BLOWFISH, etc..., very fast) with a randomly generated key and that key is
    > then encrypted with the public key of the person you sending the document
    > to. Since only he, through the use of his private key, can decrypt the
    > symmetrical key only he can decrypt the document.
    
    Please do not use public key encryption for bulk data, even if
    you accept the long times. It is a bad idea. If there are n
    possible messgaes, it only takes at most n trials to decrypt
    the message, no matter your key size (if the encrypting key is known;
    typically it is the public key and it is known).
    This problem is justification in itself to have a two stage system
    for encryption of bulk data.
    (there is someone at counterpane that can explain it in more detail ;-)
    



    This archive was generated by hypermail 2b30 : Mon Jan 20 2003 - 22:01:04 PST