can you see any problem with this?
dshaw at jabberwocky.com
Tue Feb 5 19:50:56 CET 2008
On Tue, Feb 05, 2008 at 01:28:08PM -0500, Adrian Thurston wrote:
> My application is here:
> I'm encrypting messages and making them publicly available over static
> HTTP. Anyone who knows the right URL can grab a message and I don't want
> recipients to be identifiable.
> Another issue is that the number of recipients and the size of messages
> may both get very large. A single encrypted message is therefore very
In that case, doing something like this may work for you:
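gpg -o output.gpg -R recipient1 -R recipient2 -e thefile.txt
# assumption: output.gpg has been split into per-packet files (e.g. with gpgsplit) before this loop
for i in *.pk_enc
do
  cat $i *.encrypted > `echo $i | sed -e 's/\-001\.pk_enc//'`
done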
You'll end up with a directory full of files, one per recipient, and
each a valid OpenPGP message, but all of them protected via
throw-keyid. I'll leave it as an exercise for the reader to determine
which file goes with which recipient ;)
If Alice and Baker both get a message, and Alice knows which file
Baker got, Alice can decrypt Baker's message using her own session
key, thus revealing to Alice that Baker got the same message that
The "non-identifiable" feature with -R (aka throw-keyid) is only as
good as throw-keyid is, which is pretty good but not perfect.
You may or may not care about these caveats.
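
A check that could be run over each per-recipient file before it is published, as an added example that is not part of the original message: it walks the OpenPGP packet headers (RFC 4880) and reports a file that carries more than one session-key packet or a non-zero key ID. The names `packets`, `audit` and `pkesk` and the sample bytes are constructed for illustration.

```python
PKESK, SED, SEIPD = 1, 9, 18          # packet tags, RFC 4880 section 4.3

def packets(data):
    """Yield (tag, body) for each packet in a binary (non-armored) OpenPGP message."""
    pos = 0
    while pos < len(data):
        hdr, pos = data[pos], pos + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                            # new-format header
            tag, last, body = hdr & 0x3F, False, b""
            while not last:
                o1, pos, last = data[pos], pos + 1, True
                if o1 < 192:
                    n = o1
                elif o1 < 224:
                    n, pos = ((o1 - 192) << 8) + data[pos] + 192, pos + 1
                elif o1 == 255:
                    n, pos = int.from_bytes(data[pos:pos + 4], "big"), pos + 4
                else:                             # partial body length: more chunks follow
                    n, last = 1 << (o1 & 0x1F), False
                body, pos = body + data[pos:pos + n], pos + n
        else:                                     # old-format header
            tag, size = (hdr >> 2) & 0x0F, (1, 2, 4, 0)[hdr & 3]
            # size 0 is the indeterminate length type: the body runs to end of input
            n = int.from_bytes(data[pos:pos + size], "big") if size else len(data) - pos
            pos += size
            body, pos = data[pos:pos + n], pos + n
        yield tag, body

def audit(data):
    """Return findings for one published file; [] means a single PKESK with a zeroed key ID."""
    pkts = list(packets(data))
    pk = [body for tag, body in pkts if tag == PKESK]
    findings = []
    if len(pk) != 1:
        findings.append(f"{len(pk)} session-key packets, expected 1")
    for body in pk:
        if body[:1] == b"\x03" and body[1:9] != bytes(8):   # v3 PKESK: version, 8-byte key ID
            findings.append("key ID exposed: " + body[1:9].hex().upper())
    if not any(tag in (SED, SEIPD) for tag, _ in pkts):
        findings.append("no encrypted data packet")
    return findings

def pkesk(key_id):                                # constructed sample: old-format tag 1 packet
    body = b"\x03" + key_id + b"\x01" + bytes(16)
    return bytes([0x84, len(body)]) + body
DATA = bytes([0xD2, 5]) + b"\x01abcd"             # constructed sample: new-format tag 18 packet
print(audit(pkesk(bytes(8)) + DATA), audit(pkesk(bytes.fromhex("0123456789abcdef")) + DATA))
```

An empty result only confirms the packet layout; it says nothing about the shared session key described in the message.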