If the message is encrypted symmetrically

Henry Hertz Hobbit hhhobbit at securemecca.net
Fri Jun 22 01:52:26 CEST 2007


Joseph Oreste Bruni <jbruni at mac.com> wrote:

> To extend our discussion, suppose I wish to send an encrypted message
> to multiple recipients. I would then encrypt the (randomly generated)
> symmetric key to each recipient's public key in turn. All of the
> encrypted copies (of the symmetric key) are attached. A valid
> recipient will be able to encrypt his (and only his) copy of the
> symmetric key and then decrypt the document.

Everything is fine with what you said until you say this. In real
practice what Thunderbird and Evolution (I can't speak for the
other email programs) do is generate a separate symmetric encryption
for each user.  Without looking at the source code (which I have
NOT done for this particular situation) you can't tell whether each
user gets a separate random symmetric session key or whether all
users share the same random symmetric session key.  Knowing the
paranoia of encryption coders, I suspect that each user gets their
own randomly created symmetric session key.  It also doesn't make
much sense if you use the same random session key for every user.
If you do that, why not just have one copy of the symmetric
encryption? Without looking at the code though, I don't know that
for certain.  I suspect that the mail programs just use what GnuPG
gives them and only do the one call to GnuPG, so you can actually
do the tests with the multiple users on the command line without
even using email.

However, I do know that if you do tests by actually sending the same
encrypted mail message (use a fairly large message of at least 64 K)
to one, two, and three recipients then you can see this. Save all of
the messages to a file and edit out the headers and you will find the
approximate size differences for the three files:

double = 2 * single
triple = 3 * single
triple = 1.5 * double

If you had one shared symmetric encryption you wouldn't have
those size changes since you would only be adding the size of
the asymmetric encryption of the randomly generated session key
used to do the symmetric encryption for each additional person.

I will volunteer for being one of the three users (after yourself
you need only one more user) if you want to do the tests actually
using email itself, but I would advise just using the multiple
recipients on the command line first and comparing the sizes there.
Rummage around in the Enigmail section of the Thunderbird forum
and if they don't have the answer just ask if they only do one
call to GnuPG to do the encryption.

HHH
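The two layouts discussed in this thread (one shared session key wrapped once per recipient, versus a separate session key and a separate encrypted copy of the message per recipient) and the size comparison HHH proposes can be tried offline. The following is an added example, not code from the post, from GnuPG or from any mail client: it uses only the Python standard library, so the symmetric cipher is a toy HMAC-SHA256 keystream (not OpenPGP's CFB mode) and the public-key encryption of the session key is modelled by a per-recipient secret plus a fixed 256-byte wrapped-key size, standing in for an RSA-2048 PKESK packet. The function names, the 64 K constructed message and the `WRAP_OVERHEAD` constant are all assumptions.

```python
import hashlib
import hmac
import os
import struct
from typing import Dict, Tuple

KEY_LEN = 32        # session key length in bytes
NONCE_LEN = 16      # per-message nonce length
WRAP_OVERHEAD = 256  # assumed size of one public-key-encrypted session key (RSA-2048 stand-in)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: HMAC-SHA256 in counter mode, XORed over the data.
    Illustrative only; it is not OpenPGP's cipher mode."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream[: len(data)]))


def symmetric_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    return nonce + keystream_xor(key, nonce, plaintext)


def symmetric_decrypt(key: bytes, blob: bytes) -> bytes:
    return keystream_xor(key, blob[:NONCE_LEN], blob[NONCE_LEN:])


def wrap_session_key(recipient_secret: bytes, session_key: bytes) -> bytes:
    """Stand-in for encrypting the session key to one recipient's public key.
    Padded with random bytes to WRAP_OVERHEAD so its size mirrors a real PKESK."""
    wrapped = symmetric_encrypt(recipient_secret, session_key)
    return wrapped + os.urandom(WRAP_OVERHEAD - len(wrapped))


def unwrap_session_key(recipient_secret: bytes, wrapped: bytes) -> bytes:
    return symmetric_decrypt(recipient_secret, wrapped[: NONCE_LEN + KEY_LEN])


def encrypt_shared_session_key(recipients: Dict[str, bytes], plaintext: bytes) -> dict:
    """Layout A: one random session key, the message encrypted once,
    and one wrapped copy of the session key per recipient."""
    session_key = os.urandom(KEY_LEN)
    return {
        "keys": {name: wrap_session_key(sec, session_key) for name, sec in recipients.items()},
        "body": symmetric_encrypt(session_key, plaintext),
    }


def encrypt_per_recipient(recipients: Dict[str, bytes], plaintext: bytes) -> Dict[str, Tuple[bytes, bytes]]:
    """Layout B: a separate random session key and a separate encrypted
    copy of the whole message for every recipient."""
    out = {}
    for name, sec in recipients.items():
        session_key = os.urandom(KEY_LEN)
        out[name] = (wrap_session_key(sec, session_key), symmetric_encrypt(session_key, plaintext))
    return out


def decrypt_shared(msg: dict, name: str, secret: bytes) -> bytes:
    session_key = unwrap_session_key(secret, msg["keys"][name])
    return symmetric_decrypt(session_key, msg["body"])


def decrypt_per_recipient(msg: Dict[str, Tuple[bytes, bytes]], name: str, secret: bytes) -> bytes:
    wrapped, body = msg[name]
    return symmetric_decrypt(unwrap_session_key(secret, wrapped), body)


def size_shared(msg: dict) -> int:
    return len(msg["body"]) + sum(len(w) for w in msg["keys"].values())


def size_per_recipient(msg: Dict[str, Tuple[bytes, bytes]]) -> int:
    return sum(len(w) + len(b) for w, b in msg.values())


def size_report(plaintext_len: int = 65536, max_recipients: int = 3) -> Dict[int, Tuple[int, int]]:
    """HHH's one/two/three-recipient size test, done offline for both layouts.
    Returns {n_recipients: (size under layout A, size under layout B)}."""
    plaintext = os.urandom(plaintext_len)  # constructed stand-in for a 64 K message
    report = {}
    for n in range(1, max_recipients + 1):
        recips = {f"user{i}": os.urandom(KEY_LEN) for i in range(n)}
        shared = encrypt_shared_session_key(recips, plaintext)
        separate = encrypt_per_recipient(recips, plaintext)
        # every recipient must recover the plaintext under either layout
        assert all(decrypt_shared(shared, u, s) == plaintext for u, s in recips.items())
        assert all(decrypt_per_recipient(separate, u, s) == plaintext for u, s in recips.items())
        report[n] = (size_shared(shared), size_per_recipient(separate))
    return report


if __name__ == "__main__":
    for n, (a, b) in size_report().items():
        print(f"{n} recipient(s): shared session key = {a} bytes, per-recipient copies = {b} bytes")
```

Under layout B the sizes come out exactly as the post predicts (double = 2 * single, triple = 3 * single); under layout A each extra recipient adds only the wrapped-key size, here 256 bytes on top of a 64 K body. Whichever of the two a given mail client or GnuPG invocation actually produces is what the command-line size comparison in the post is meant to reveal.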
