Double encryption ??
Adrian 'Dagurashibanipal' von Bidder
Mon Apr 7 14:29:01 2003
On Saturday 05 April 2003 14:14, Oliver Hankeln wrote:
> a friend of mine and me were just starting using GPG.
> He encrypted a text for me and sent it to me. I was able to decrypt it.
> BUT: He was also able to decrypt the encrypted message with his own
> secret key.
> The only reason why this could happen as seen by us is that the text has
> been encrypted twice - with my and with his public key.
> We just want to be sure we didn't make any mistakes. Is our assumption
From the manpage:
Same as --recipient but this one is intended for use in the
options file and may be used with your own user-id as an
"encrypt-to-self". These keys are only used when there are
other recipients given either by use of --recipient or by the
asked user id. No trust checking is performed for these user
ids and even disabled keys can be used.
So, I'd look in the config file if there is an --encrypt-to statement. Also
many mailers have the option of automatically encrypting to the own key when
sending encrypted mail.
So, you (probably) didn't do anything wrong. The question is, of course, if
you want mails to be encrypted to both keys. I think it makes sense - I often
need to go back and look at what exactly I sent. Theoretically, it makes
encryption weaker - for one thing, there's now 2 possible keys, so a brute
force attack might be somewhat faster (I say *might* - I'm absolutely not
sure if it can really be). And, probably more critical: having the same
plaintext encrypted with two different keys might just allow some specific
attack (there is one if the same plaintext is enciphered to multiple RSA keys
with the same exponent, to name just the classical example).
For general use, I wouldn't worry.
OpenPGP encrypted mail welcome - my key: http://fortytwo.ch/gpg/92082481
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.3&md5sum=14ca616f14682a82cb9cc25c9b34a10d
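
The two checks suggested in the reply above, as an added example that is not part of the original message: list the encrypt-to entries in an options file, and count how many keys a message is encrypted to (gpg writes one public-key encrypted session key packet per recipient). The function names, key ids and sample inputs are constructed for illustration.

```sh
#!/bin/sh
# Added example. All sample data below is constructed, not from the thread.

# List the key ids named by encrypt-to lines in a GnuPG options file (stdin).
# Options files spell long options without the leading "--"; a leading "--"
# is tolerated here because the thread writes it that way. "#" starts a comment.
encrypt_to_keys() {
    awk '{
        sub(/#.*/, "")                  # drop comments
        opt = $1; sub(/^--/, "", opt)   # normalise the option name
        if (opt == "encrypt-to" && NF >= 2) print $2
    }'
}

# List the key id of every public-key encrypted session key packet in
# `gpg --list-packets` output (stdin). Each id is that of the key the packet
# is addressed to, which is the encryption subkey when the key has one.
recipient_keyids() {
    sed -n 's/^:pubkey enc packet:.* keyid \([0-9A-Fa-f]\{16\}\).*$/\1/p'
}

# Number of distinct keys that can decrypt the message dumped on stdin.
recipient_count() {
    recipient_keyids | sort -u | wc -l | tr -d ' '
}

# Constructed options file: one active encrypt-to, one commented out.
sample_conf() {
cat <<'EOF'
# my settings
keyserver hkp://keys.example.org
encrypt-to 0xDEADBEEF   # always add my own key
#encrypt-to 0x01234567
EOF
}

# Constructed packet dump of a message encrypted to two keys.
sample_packets() {
cat <<'EOF'
:pubkey enc packet: version 3, algo 16, keyid 1122334455667788
    data: [2046 bits]
:pubkey enc packet: version 3, algo 16, keyid 99AABBCCDDEEFF00
    data: [2047 bits]
:encrypted data packet:
    length: 123
EOF
}

echo "encrypt-to keys in options file: $(sample_conf | encrypt_to_keys)"
echo "keys this message is encrypted to: $(sample_packets | recipient_count)"
```

On real data, feed `encrypt_to_keys` your own options file and pipe `gpg --list-packets` of the received message into `recipient_keyids`.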