Double encryption ??

Adrian 'Dagurashibanipal' von Bidder avbidder@fortytwo.ch
Mon Apr 7 14:29:01 2003 

--Boundary-02=_P9Wk+NjIfeXWrx9
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Saturday 05 April 2003 14:14, Oliver Hankeln wrote:
> Hello,
>
> a friend of mine and me were just starting using GPG.
> He encrypted a text for me an sent it to me. I was able to decrypt it.
> BUT: He was also able to decrypt the encrypted message with his own
> secret key.
> The only reason why this could happen as seen by us is that the text has
> been encrypted twice  - with my and with his public key.
> We just want to be sure we didn=B4t make any mistakes. Is our assumption
> right?

=46rom the manpage:
       --encrypt-to name
                 Same  as  --recipient but this one is intended for use in =
the
                 options file and may be used with  your  own  user-id  as =
 an
                 "encrypt-to-self".   These  keys are only used when there =
are
                 other recipients given either by use of --recipient or by =
the
                 asked user id.  No trust checking is performed for these u=
ser
                 ids and even disabled keys can be used.

So, I'd look in the config file if there is an --encrypt-to statement. Also=
,=20
many mailers have the option of automatically encrypting to the own key whe=
n=20
sending encrypted mail.

So, you (probably) didn't do anything wrong. The question is, of course, if=
=20
you want mails to be encrypted to both keys. I think it makes sense - I oft=
en=20
need to go back and look at what exactly I sent. Theoretically, it makes=20
encryption weaker - for one thing, there's now 2 possible keys, so a brute=
=20
force attack might be somewhat faster (I say *might* - I'm absolutely not=20
sure if it can really be). And, probably more critical: having the same=20
plaintext encrypted with two different keys might just allow some specific=
=20
attack (there is one if the same plaintext is enciphered to multiple RSA ke=
ys=20
with the same exponent, to name just the classical example).

=46or general use, I wouldn't worry.=20

greets
=2D- vbi

=2D-=20
OpenPGP encrypted mail welcome - my key: http://fortytwo.ch/gpg/92082481

--Boundary-02=_P9Wk+NjIfeXWrx9
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iKcEABECAGcFAj6Rb09gGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h
aWwuMjAwMjA4MjI/dmVyc2lvbj0xLjMmbWQ1c3VtPTE0Y2E2MTZmMTQ2ODJhODJj
YjljYzI1YzliMzRhMTBkAAoJEIukMYvlp/fWJLEAnR5s3yXY/eFvnClJHZwAi//E
Z2aZAKDTdFG9yoopq62mLq5DZWxTOH6mdw==
=4QUt
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.3&md5sum=14ca616f14682a82cb9cc25c9b34a10d

--Boundary-02=_P9Wk+NjIfeXWrx9--