PK-Encrypt-only
Atom Smasher
atom at smasher.org
Thu Dec 1 04:03:19 CET 2005
On Wed, 30 Nov 2005, Kurt Fitzner wrote:
> I am contemplating a change to my GnuPG Explorer Extension, but I need
> some background information.
>
> I know that encrypting a file without signing it is commonly done with
> symmetrical encryption. My question is, do people commonly use GnuPG to
> encrypt a file without signing it using PK-encryption?
>
> Personally, I don't think this would be very common at all. I mean, I
> can come up with conceptual reasons why someone might want to encrypt a
> file to someone else's key without signing the file, but in practice I
> would think it would be very rare.
>
> I would appreciate knowing if this is something that is commonly done,
> or if it is very rare.
=========================
done all the time in email for, um, (somewhat) plausible deniability.
encrypting without signing can also be useful in automated encryption
applications where it would not be beneficial to leave a signing key
laying around. things such as writing data to a database or sending out an
encrypted email can benefit from public key encryption; if the server is
successfully attacked, the public key is compromised and can not aid the
attacker in recovering encrypted data. adding a signing key (that's
available to an automated application, and also an attacker) only adds a
false sense of security as to the message's authenticity.
--
...atom
_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"According to the Environmental Protection Agency, factory farming
pollutes U.S. waterways more than all industrial sources combined."
-- PETA
More information about the Gnupg-users
mailing list