I'm not sure I understand the point of this message. It seems that you are saying that you can figure out the cleartext message by taking the n possible cleartext messages and encrypting with the known public key until you find the cipher text. That much makes sense, but since we were talking about encryption of bulk data it seems that the number of possible messages would be VERY large and such an approach would not be workable.

It seems that your comment would even argue AGAINST the "two stage" system that you're talking about. The total number of possible symmetric keys would be much less than the total number of possible messages.

But then I'm a bit of a crypto ignoramus. If you (or someone) would elaborate a bit I would be grateful.

Breck

-----Original Message-----
From: Andre Mariën [mailto:andre.marienat_private]
Sent: Thursday, January 09, 2003 1:48 AM
Cc: secprogat_private
Subject: Re: PGP scripting...

Tom Arseneault wrote:
> As for the usage of the key in encryption and decryption, public key
> encryption is very compute intensive so while you could do bulk encryption
> with it would be very slow. The usual way things are done is that a
> symmetrical encryption will be used to encrypt a document (DES, 3DES,
> BLOWFISH, etc..., very fast) with a randomly generated key and that key is
> then encrypted with the public key of the person you are sending the document
> to. Since only he, through the use of his private key, can decrypt the
> symmetrical key only he can decrypt the document.

Please do not use public key encryption for bulk data, even if you accept the long times. It is a bad idea.

If there are n possible messages, it only takes at most n trials to decrypt the message, no matter your key size (if the encrypting key is known; typically it is the public key and it is known).

This problem is justification in itself to have a two stage system for encryption of bulk data.

(There is someone at Counterpane that can explain it in more detail ;-)
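
The trial-encryption point raised in this thread, as an added example (not code from either poster): with deterministic, unpadded public-key encryption and a small set of possible messages, comparing candidate encryptions against the ciphertext identifies the plaintext, while a two-stage scheme that wraps a fresh random session key gives nothing to compare against. The toy RSA key, the SHA-256 keystream cipher and the candidate list are assumptions constructed for the demonstration.

```python
import hashlib
import secrets

# Toy RSA key built from two Mersenne primes (constructed for this demo;
# unpadded and far too small for real use).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the recipient only

def rsa_raw_encrypt(data: bytes) -> int:
    """Unpadded RSA: the same input always yields the same ciphertext."""
    m = int.from_bytes(data, "big")
    if m >= N:
        raise ValueError("message too long for this toy modulus")
    return pow(m, E, N)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (SHA-256 in counter mode), a stand-in for a real one."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def hybrid_encrypt(data: bytes):
    """Two-stage scheme: fresh 128-bit session key, wrapped with the public key."""
    key = secrets.token_bytes(16)
    return rsa_raw_encrypt(key), keystream_xor(key, data)

def hybrid_decrypt(wrapped: int, body: bytes) -> bytes:
    key = pow(wrapped, D, N).to_bytes(16, "big")
    return keystream_xor(key, body)

def match_candidates(ciphertext, candidates, encrypt):
    """Return the candidate whose encryption equals the ciphertext, else None."""
    for guess in candidates:
        if encrypt(guess) == ciphertext:
            return guess
    return None

CANDIDATES = [b"APPROVE", b"REJECT", b"HOLD"]  # constructed small message space

if __name__ == "__main__":
    direct = rsa_raw_encrypt(b"REJECT")
    print("direct RSA :", match_candidates(direct, CANDIDATES, rsa_raw_encrypt))
    two_stage = hybrid_encrypt(b"REJECT")
    print("two-stage  :", match_candidates(two_stage, CANDIDATES, hybrid_encrypt))
    print("recipient  :", hybrid_decrypt(*two_stage))
```

The comparison works in the first case because the message space has three members; in the second case the value under the public key is a random 128-bit key, so the number of trials is set by the key's randomness rather than by how predictable the document is.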