RE: PGP scripting...

From: Beatie, Breck (ISSMountain View) (BBeatieat_private)
Date: Tue Jan 21 2003 - 09:13:08 PST

  • Next message: Jason Coombs: "RE: PGP scripting..."

    I'm not sure I understand the point of this message.  It seems that
    you are saying that you can figure out the cleartext message by taking
    the n possible cleartext messages and encrypting with the known public
    key until you find the cipher text.  That much makes sense, but since
    we were talking about encryption of bulk data it seems that the number
    of possible messages would be VERY large and such an approach would
    not be workable.
    
    It seems that your comment would even argue AGAINST the "two stage"
    system that you're talking about.  The total number of possible symmetric
    keys would be much less than the total number of possible messages.
    
    But then I'm a bit of a crypto ignoramus.  If you (or someone) would
    elaborate a bit I would be grateful.
    
    
    Breck
    
    -----Original Message-----
    From: Andre Mariën [mailto:andre.marienat_private]
    Sent: Thursday, January 09, 2003 1:48 AM
    Cc: secprogat_private
    Subject: Re: PGP scripting...
    
    
    
    
    Tom Arseneault wrote:
    
    > As for the usage of the key in encryption and decryption, public key
    > encryption is very compute intensive so while you could do bulk encryption
    > with it whould be very slow.. The usual way things are done is that a
    > symmetrical encryption will be used to encrypt a document (DES, 3DES,
    > BLOWFISH, etc..., very fast) with a randomly generated key and that key is
    > then encrypted with the public key of the person you sending the document
    > to. Since only he, through the use of his private key, can decrypt the
    > symmetrical key only he can decrypt the document.
    
    Please do not use public key encryption for bulk data, even if
    you accept the long times. It is a bad idea. If there are n
    possible messgaes, it only takes at most n trials to decrypt
    the message, no matter your key size (if the encrypting key is known;
    typically it is the public key and it is known).
    This problem is justification in itself to have a two stage system
    for encryption of bulk data.
    (there is someone at counterpane that can explain it in more detail ;-)
    



    This archive was generated by hypermail 2b30 : Wed Jan 22 2003 - 11:25:05 PST