Encrypting a file for anyone to read if having my public key.

David Shaw dshaw@jabberwocky.com
Mon Dec 2 21:12:01 2002

On Mon, Dec 02, 2002 at 01:40:13PM -0600, Alex Watson wrote:
>  My public key is not being made available en masse, but only to a select few individuals where it is imported to their key ring automatically.   The users don't typically interact directly with the software and encrypting/decrypting is done automatically.    So even though my public key is involved, it isn't being made available to a large group and users aren't intended to be involved directly in the encryption/decryption process.
>  My dilemma is that I want some form of encryption, weak as it may be, to initially distribute software to these sites.   Then upon subsequent correspondence, I will receive a public key for these people after their software is installed and a keypair established.   I will then be able to encrypt specifically for them using their public key.
> Thus, I'd like some simple means by which to encrypt for use upon
> initial installation, which does not necessarily have to be strong,
> I'd like to have something more than nothing though.  I understand
> the weakness of such a method, but thought I had read about it
> somewhere.

It works mathematically (an OpenPGP signature is partially done by
encrypting with your secret key), but the actual programs do draw a
distinction between the public and secret keys.

>   Actually, I could use conventional encryption using a password and that would be about equal in strength.  e.g.
> gpg --output test.gpg --symmetric test.txt
> Above works, but is interactive, have to enter passphrase, then retype it again
> Is there something more like below which will work in an automated fashion?  (this doesn't work)
> type pass.txt|gpg --output test.gpg --symmetric --passphrase-fd 0 test.txt

This works for me.  Of course, I use 'cat' instead of 'type'.


   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson