Security Implications

Ingo Klöcker
Fri Dec 14 01:07:02 2001

Hash: SHA1

On Wednesday 12 December 2001 20:53, Steve Butler wrote:
> > A thought question for the crypto-analysts.
> >
> > Given the same file is being encrypted for two (or more) recipients
> > all having separate public keys on my keyring.  Presume that I will
> > FTP the encrypted file to each recipient's inbound FTP site.
> > Ignoring the work overhead on my computer, which provides better
> > overall security and immunity to decrypting attacks:
> >
> > 1.  Encrypt the file to each recipient individually and FTP each
> > encrypted file to the appropriate recipient.  (encrypt many)
> >
> > 2.  Encrypt the file for all recipients and FTP the one encrypted
> > file to each recipient's FTP site. (encrypt once with many
> > recipients)

It doesn't matter. In the second scenario the session key is encrypted 
with all the recipients' keys. Therefore the probability to find a key 
to decrypt the session key is slightly higher. But as it's much more 
time consuming to find the secret key corresponding to a public key 
than to simply find the session key (by brute force) nobody would ever 
try to crack the asymmetrically encrypted session key but would crack 
the symmetrically encrypted message itself instead.

The only advantage of individually encrypted files is that the 
recipients then don't know to whom else you sent an encrypted version 
of this file.

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see