Random Data String to protect from input correlation

Robert J. Hansen rjh at sixdemonbag.org
Thu Mar 10 17:46:42 CET 2016


> And so I question if data encrypted to my public key has the same 
> output each time when provided with the same input.

No.  Your input is encrypted with a randomly generated AES256 key.  That
AES256 key is encrypted with your recipient's public key.  The encrypted
session key and the encrypted message are given to your recipient.

> If not is there any way the output can be proven to have been the 
> result of a suspected input?

No.  Randomly generated keys are never reused, so there's no way to get
enough of a corpus of different texts to start applying known-plaintext
techniques.  Even if an attacker did, output feedback mode is generally
considered resistant to this sort of cryptanalysis.

> If such correlation is possible, then my proposal would be to have

This wouldn't be the place for it.  You'd be talking about modifying the
RFC.  Take that talk to the OpenPGP working group, please.  :)
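
The scheme described in the reply above, as an added Go sketch that is not part of the original message or of GnuPG: every call draws a fresh random session key, wraps only that key to the recipient's public key, and encrypts the body with it, so encrypting one input twice gives unrelated output that still decrypts. RSA-OAEP, AES-256 in CFB mode with a random IV, the `Message` layout, `DemoKey` and the sample input are assumptions of this example; it does not produce OpenPGP packets.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Message struct{ WrappedKey, IV, Body []byte }           // simplified, not OpenPGP packets
var DemoKey, DemoKeyErr = rsa.GenerateKey(rand.Reader, 2048) // throwaway recipient key

// Encrypt draws a fresh AES-256 session key and IV on every call; only the key is RSA-wrapped.
func Encrypt(pub *rsa.PublicKey, pt []byte) (Message, error) {
	secret := make([]byte, 32+aes.BlockSize) // session key || IV
	if _, err := rand.Read(secret); err != nil {
		return Message{}, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, secret[:32], nil)
	if err != nil {
		return Message{}, err
	}
	block, _ := aes.NewCipher(secret[:32]) // a 32-byte key is always accepted
	body := make([]byte, len(pt))
	cipher.NewCFBEncrypter(block, secret[32:]).XORKeyStream(body, pt)
	return Message{wrapped, secret[32:], body}, nil
}

// Decrypt unwraps the session key with the private key, then decrypts the body.
func Decrypt(priv *rsa.PrivateKey, m Message) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, m.WrappedKey, nil)
	if err != nil || len(key) != 32 || len(m.IV) != aes.BlockSize {
		return nil, fmt.Errorf("cannot recover session key: %v", err)
	}
	block, _ := aes.NewCipher(key)
	pt := make([]byte, len(m.Body))
	cipher.NewCFBDecrypter(block, m.IV).XORKeyStream(pt, m.Body)
	return pt, nil
}

func main() {
	for i := 0; i < 2 && DemoKeyErr == nil; i++ { // same constructed input both times
		m, encErr := Encrypt(&DemoKey.PublicKey, []byte("the suspected input"))
		pt, decErr := Decrypt(DemoKey, m)
		fmt.Printf("body=%x -> %q (errors: %v, %v)\n", m.Body, pt, encErr, decErr)
	}
	fmt.Println("key generation error:", DemoKeyErr)
}
```

Re-encrypting a suspected input to the same public key therefore produces a different wrapped key, IV and body than the message being examined, so a byte comparison confirms nothing.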


