PK-Encrypt-only

Atom Smasher atom at smasher.org
Thu Dec 1 04:03:19 CET 2005


On Wed, 30 Nov 2005, Kurt Fitzner wrote:

> I am contemplating a change to my GnuPG Explorer Extension, but I need 
> some background information.
>
> I know that encrypting a file without signing it is commonly done with 
> symmetrical encryption.  My question is, do people commonly use GnuPG to 
> encrypt a file without signing it using PK-encryption?
>
> Personally, I don't think this would be very common at all.  I mean, I 
> can come up with conceptual reasons why someone might want to encrypt a 
> file to someone else's key without signing the file, but in practice I 
> would think it would be very rare.
>
> I would appreciate knowing if this is something that is commonly done, 
> or if it is very rare.
=========================

done all the time in email for, um, (somewhat) plausible deniability.

encrypting without signing can also be useful in automated encryption 
applications where it would not be beneficial to leave a signing key 
laying around. things such as writing data to a database or sending out an 
encrypted email can benefit from public key encryption; if the server is 
successfully attacked, the public key is compromised and can not aid the 
attacker in recovering encrypted data. adding a signing key (that's 
available to an automated application, and also an attacker) only adds a 
false sense of security as to the message's authenticity.


-- 
         ...atom

  _________________________________________
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

 	"According to the Environmental Protection Agency, factory farming
 	 pollutes U.S. waterways more than all industrial sources combined."
 		-- PETA





More information about the Gnupg-users mailing list