Is a secret key compromised by known cleartext?
Jean-David Beyer
jdbeyer@exit109.com
Sat May 31 13:17:37 2003
tito@rumford.de wrote:
> I'm sorry if this is a faq:
>
> If I got an email with a message in cleartext immediately followed by
> the same message encrypted to my public key -- would that change the
> status of my secret key (being secret) abruptly to "being well
> known"?
>
I do not know that, but it seems in the same category, and possibly
worse than, those who send an email encrypted to those whose public keys
they know, and unencrypted to the rest of some mailing list.
Or even if the sender does not make that mistake, one receiver could
decrypt it and send it to others unencrypted.
It seems to me you must really trust the person to whom you send
encrypted e-mail, and to trust their computer systems as well. I could
imagine myself being paranoid enough never to send encrypted stuff to
people whose machines run Microsoft Windows, for example. As if I knew
anyone who gave a hoot about security and encryption anyway. 8-(
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ Registered Machine 73926.
/( )\ Shrewsbury, New Jersey http://counter.li.org
^^-^^ 7:05am up 12 days, 12:38, 3 users, load average: 2.20, 2.27, 2.12