--list-only and symmetric encryption (fwd)

Timo Schulz twoaday at freakmail.de
Wed Jun 30 20:46:57 CEST 2004


On Tue Jun 29 2004; 23:46, Atom 'Smasher' wrote:

> key. i don't understand how a message can be efficiently ("efficiently", 
> meaning that the message is only encrypted once) encrypted to multiple 
> symmetric keys.

That's not difficult, but I've to admit you need to know the OpenPGP
format in detail to see it without thinking too much.

Tag 3 "Symmetric-Key Encrypted Session Key Packets" has an optional
field to hold the encrypted session key. This key is used to encrypt
the message. The session key itself is encrypted via the S2K key
derived from a passphrase. If you have more passphrases, the same
session key is encrypted with different passphrases (S2Ks).

Tag3 (- Optionally, the encrypted session key itself, which is decrypted
        with the string-to-key object.)


You see the key for the _message_ is always the same, while the key
to protect the session key itself is different for each passphrase.
If you know one passphrase, you can decipher the message.


Hope my achievement is clear to you.


        Timo
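
The scheme described in this message, as an added example that is not part of the original post and is not GnuPG's code: one session key wrapped separately under each passphrase's S2K-derived key. Assumptions: iterated and salted S2K with SHA-256 and count octet 96, algorithm id 7 (AES-128), hypothetical function names, and a stand-in XOR keystream in place of OpenPGP's CFB encryption so the block needs only the standard library.

```python
import hashlib
import os

def s2k_iterated_salted(passphrase: bytes, salt: bytes, c: int, keylen: int = 16) -> bytes:
    """Iterated and salted S2K (RFC 4880, 3.7.1.3) with SHA-256; keylen <= 32."""
    count = (16 + (c & 15)) << ((c >> 4) + 6)   # decode the one-octet count
    unit = salt + passphrase
    count = max(count, len(unit))               # hash salt+passphrase at least once
    reps, rem = divmod(count, len(unit))
    return hashlib.sha256(unit * reps + unit[:rem]).digest()[:keylen]

def _wrap(kek: bytes, data: bytes) -> bytes:
    # Stand-in for OpenPGP's CFB encryption: XOR with a SHA-256 keystream.
    # Self-inverse, stdlib only, for illustration; not the real cipher.
    stream = hashlib.sha256(b"demo-wrap" + kek).digest()
    assert len(data) <= len(stream)
    return bytes(a ^ b for a, b in zip(data, stream))

def make_skesk(passphrase: bytes, session_key: bytes, sym_algo: int = 7) -> dict:
    """Build the fields of one Tag 3 packet for one passphrase."""
    salt = os.urandom(8)                        # fresh salt: a distinct KEK per packet
    kek = s2k_iterated_salted(passphrase, salt, 96)
    # Wrapped payload: algorithm id octet (7 = AES-128) + the shared session key.
    return {"salt": salt, "c": 96, "esk": _wrap(kek, bytes([sym_algo]) + session_key)}

def open_skesk(pkt: dict, passphrase: bytes) -> tuple:
    """Recover (algorithm id, session key) from one Tag 3 packet."""
    kek = s2k_iterated_salted(passphrase, pkt["salt"], pkt["c"])
    plain = _wrap(kek, pkt["esk"])
    return plain[0], plain[1:]

if __name__ == "__main__":
    session_key = os.urandom(16)                # the message is encrypted once, with this
    packets = [make_skesk(p, session_key) for p in (b"alpha", b"bravo")]  # constructed
    for pkt, p in zip(packets, (b"alpha", b"bravo")):
        print(p, open_skesk(pkt, p) == (7, session_key))
```
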







