Secret key holder identity
niknot at gmail.com
Thu Feb 22 16:53:44 CET 2007
On 2/22/07, Werner Koch <wk at gnupg.org> wrote:
> On Tue, 20 Feb 2007 18:02, niknot at gmail.com said:
> > If the system was designed for the real world, the encrypted message
> > would, by default, consist of a binary data set, indistingushable from a
> > random stream, until and unless decrypted using the recipient's private key.
> A real world system needs to know the key for decryption and not fall
> back to a time consuming mode of trial decryption with all available
> secret keys...
> OpenPGP is not designed to thwart traffic analysis. It has merely
> some provisions to help such a system
Thanks Werner - we agree on the OpenPGP design. I'm only trying to
point out that this is a serious limitation, more so now than at the
time PGP was born (or OpenPGP was designed).
Tempora mutantur (et nos in illis?)
More information about the Gnupg-users