AW: Safety questions

Huels, Ralf SCORE
Tue Jul 2 15:21:02 2002

> 1. Is it better to encrypt (by symmetric cipher) plain file or a 
> compressed one? Does it even matter?

Umm. There is compression done by GnuPG. Whether it's good, bad or
indifferent to compress the file beforehand would probably depend
on the case at hand and might be a matter of long debate ;-)

> 2. Is there a safety risk if an attacker knows the target file 
> type (structure)

AFAIK, no.

> 3. If an attacker gets a plaintext and a ciphertext can he or she 
> find the passphrase?

No. The passphrase isn't even used in the encryption of actual data.
Your plaintext is encrypted with a random key (which is only used 
once) using a symmetric algorithm such as AES. That random session 
key is encrypted with the asymmetric algorithm using the recipient's
public key and then decrypted with the corresponding secret key. 
The passphrase is only used to encrypt the secret key while not in use.

So a successful plain text attack on the message would only reveal
the session key. Theoretically, I suppose, that session key would
then constitute a known plaintext for the asymmetric cypher, but I 
don't think such an attack is feasible.