[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encrypting same data with many keys...

To: [email protected]
Subject: Re: Encrypting same data with many keys...
From: Bill Stewart <[email protected]>
Date: Fri, 15 Aug 1997 03:42:24 -0700
Cc: Ray Arachelian <[email protected]>, [email protected]
In-Reply-To: <[email protected]>
References: <[email protected]>
Sender: [email protected]

At 05:01 PM 8/14/97 -0400, [email protected] wrote:
>On Wed, 13 Aug 1997, Ray Arachelian wrote:
>> Would it not be more secure if it picked a different IDEA session key for
>> each recipient?  Would be slower, but...
>
>If there were random padding, I don't think it would increase the
>security.  PGP uses one conventional key and multiple PK encryptions of
>it, with different padding (I think).  Then you only have one message to
>send out, i.e. pk1,pk2...pkn,convenc instead of pk1,cenc1 pk2,cenc2...

There's really no need - the threat is in the RSA part,
which is that you can solve for the secret message if you've got
one secret message encrypted with a bunch of known public keys.
By using different random padding on the IDEA session key for each
public-key used, you avoid that problem.  

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 [email protected]
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#   (If this is a mailing list or news, please Cc: me on replies.  Thanks.)

References:
- Re: Encrypting same data with many keys...
  - From: Ray Arachelian <[email protected]>
- Re: Encrypting same data with many keys...
  - From: [email protected]

Prev by Date: Another Free Email Site with remailer possibilities
Next by Date: Re: Toilet plungers and sodomy: Why we should trust police blindly
Prev by thread: Re: Encrypting same data with many keys...
Next by thread: Re: Encrypting same data with many keys...
Index(es):
- Date
- Thread