How to verify the file was successfully encrypted...
Alphax
alphasigmax at gmail.com
Fri Jul 14 16:35:56 CEST 2006
George Ross wrote:
>>> BTW, why are you encrypting these files anyway? If someone broke into
>>> your computer they could just steal the crypto key too.
>> Excellent question! Truth be told, as soon as they are encrypted,
>> they're being moved to another server in another location, and then are
>> being burned to CD and moved to a safety deposit box.
>
> How about if you append a hash of the file to the file, and encrypt that
> too? Then have the remote machine do the trial decrypt-and-check-hash. If
> all is OK the remote machine can then tell the local one to delete the
> original; and if it's not OK, it can scream at you.
>
Better than that, if you get GPG to sign the file when it encrypts it
(using a passwordless key/subkey) and/or use the MDC option, you'll be
able to do this more reliably...
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 564 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060715/38368e02/signature.pgp
More information about the Gnupg-users
mailing list