Just because it's called a public key doesn't mean that it's automatically known to the public.

-----Original Message-----
From: Andre Marien [mailto:andre.marienat_private]
Sent: Wednesday, January 08, 2003 11:48 PM
Cc: secprogat_private
Subject: Re: PGP scripting...

Tom Arseneault wrote:
> As for the usage of the key in encryption and decryption, public key
> encryption is very compute intensive so while you could do bulk encryption
> with it would be very slow. The usual way things are done is that a
> symmetrical encryption will be used to encrypt a document (DES, 3DES,
> BLOWFISH, etc..., very fast) with a randomly generated key and that key is
> then encrypted with the public key of the person you are sending the document
> to. Since only he, through the use of his private key, can decrypt the
> symmetrical key only he can decrypt the document.

Please do not use public key encryption for bulk data, even if you accept
the long times. It is a bad idea.
If there are n possible messages, it only takes at most n trials to
decrypt the message, no matter your key size (if the encrypting key is
known; typically it is the public key and it is known).
This problem is justification in itself to have a two stage system for
encryption of bulk data.
(there is someone at Counterpane that can explain it in more detail ;-)
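
The "at most n trials" point and the two stage system described in this thread, as an added example that is not part of the original messages: deterministic public-key encryption of a message drawn from a small set can be matched by re-encrypting each candidate, while wrapping a random session key leaves nothing to match. The toy key, the SHA-256 keystream standing in for DES/3DES/Blowfish, and all function names are assumptions made for illustration; real systems also pad the wrapped key.

```python
import hashlib
import secrets

# Constructed toy key: two Mersenne primes, chosen only so the example is
# self-contained. Not a secure RSA key.
P, Q = 2**89 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the recipient

def rsa_encrypt(data: bytes) -> int:
    """Deterministic (unpadded) public-key encryption of a short byte string."""
    return pow(int.from_bytes(data, "big"), E, N)

def rsa_decrypt(c: int, length: int) -> bytes:
    """Recipient side: recover `length` bytes with the private exponent."""
    return pow(c, D, N).to_bytes(length, "big")

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (SHA-256 in counter mode), a stand-in for 3DES etc."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def hybrid_encrypt(msg: bytes):
    """Two stage system: random session key for the bulk data, RSA for the key."""
    key = secrets.token_bytes(16)
    return rsa_encrypt(key), keystream_xor(key, msg)

def hybrid_decrypt(wrapped: int, body: bytes) -> bytes:
    """Unwrap the session key with the private key, then decrypt the body."""
    return keystream_xor(rsa_decrypt(wrapped, 16), body)

def match_by_trial(ciphertext: int, candidates):
    """At most n public-key encryptions identify one of n candidate messages."""
    for m in candidates:
        if rsa_encrypt(m) == ciphertext:
            return m
    return None
```

With the session key drawn from 2^128 values, the candidate list that worked against the directly encrypted message no longer matches anything in the ciphertext.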