[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Commercial PGP: Verifying Trustworthiness

[email protected] (Christian D. Odhner) says:
> I could very well be wrong about this one, but since pgp uses a random
> idea session key each time you encrypt, wouldn't that in fact ensure that
> no two encryptions of the same file with the same public key are ever the
> same? Why then would random stuff be needed? 
I knew that! I forgot that! Thanks for reminding me. Back to the drawing board!
A protocol where the user controlled the session key would be more awkward
but would solve that problem. On the otherhand that isn't the PGP protocol.