Is a secret key compromised by known cleartext?

Jean-David Beyer jdbeyer@exit109.com
Sat May 31 13:17:37 2003


tito@rumford.de wrote:
 > I'm sorry if this is a faq:
 >
 > If I got an email with a message in cleartext immediately followed by
 > the same message encrypted to my public key -- would that change the
 > status of my secret key (being secret) abruptly to "being well
 > known"?
 >
I do not know that, but it seems in the same category, and possibly
worse than, those who send an email encrypted to those whose public keys 
they know, and unencrypted to the rest of some mailing list.

Or even if the sender does not make that mistake, one receiver could 
decrypt it and send it to others unencrypted.

It seems to me you must really trust the person to whom you send 
encrypted e-mail, and to trust their computer systems as well. I could 
imagine myself being paranoid enough never to send encrypted stuff to 
people whose machines run Microsoft Windows, for example. As if I knew 
anyone who gave a hoot about security and encryption anyway. 8-(

-- 
   .~.  Jean-David Beyer           Registered Linux User 85642.
   /V\                             Registered Machine    73926.
  /( )\ Shrewsbury, New Jersey     http://counter.li.org
  ^^-^^ 7:05am up 12 days, 12:38, 3 users, load average: 2.20, 2.27, 2.12