known plain-text attacks

Johan Wevers johanw at vulcan.xs4all.nl
Tue Dec 16 09:25:36 CET 2003


Atom 'Smasher' wrote:

>if one of those recipients wanted to crack the private key of one of the
>other recipients, would it be helpful that the session-key is known?

Fortunately not. Otherwise, all an atacker had to do to crack my secret key
was creating an encrypted message to my key and his own key.

>does it matter which asymmetric encryption algorithm is used?

Not if you choose one that is currently present in GnuPG (including the IDEA
extension). They all are not vulnerable to a known-plaintext attack.

-- 
ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw at vulcan.xs4all.nl   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html



More information about the Gnupg-users mailing list