Is a secret key compromised by known cleartext?

Konrad Podloucky konrad@crunchy-frog.org
Sat May 31 13:35:03 2003


--=-WpuN2j6YuE0kT1ir9Xh5
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Sat, 2003-05-31 at 10:14, tito@rumford.de wrote:
[...]
> If I got an email with a message in cleartext immediately=20
> followed by the same message encrypted to my public key --=20
> would that change the status of my secret key (being secret)=20
> abruptly to "being well known"?
>=20
Actually no. If all it took to get the private key was a
plaintext-ciphertext pair, the whole PGP concept would be pretty much
doomed. Everybody who sends you encrypted mail, has access to the
plaintext and ciphertext (because she/he generated both).

gpg takes the plaintext and encrypts it with a symmetric cipher by using
a random key. Then this random key is encrypted with your public key so
that you can decrypt the message. The symmetric algorithms used by gpg
are all immune against known-plaintext attacks.

hth,
	Konrad

--=-WpuN2j6YuE0kT1ir9Xh5
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Comment: For key usage policy see http://www.crunchy-frog.org/pgp/policy.html

iQEVAwUAPtiUHiV8Kic3b+OjAQLVngf9HXEr0AEvM9Tfz96ylo8UUdXjbiBH64U1
FObBf3jwpd+VSzCOvNa7bUN7YZZvRtxhEIMQDJxVdXI9CzdR/c1cuFFSXxXNSlXX
TvaRdrokPxCYYd8hrDdL99RPjiKmMiuki2ML1HY8eqS83rB+xpulqJO5ZdbrQbcl
9mH9W1zMNY6cNCF+cijVwrOYYiRAuEQBWSB0LR5E3J+WCCZ09ti8INNHWnKHoxAQ
AMNQnw2EwgZQrMmW2gVl/n+mrrwspCEZwy627xERsgiCJGEz3BdJjqfoK1qc2kll
tOeGMUyh2G8qFlVLzmCzmbemOCPIBvuc2RizOM5rPVOFQCu33+H8Mw==
=Jk5C
-----END PGP SIGNATURE-----

--=-WpuN2j6YuE0kT1ir9Xh5--