can you see any problem with this?
thurston at cs.queensu.ca
Tue Feb 5 20:24:15 CET 2008
Yes I think I can live with those characteristics of the system. Thanks for your analysis!
From: David Shaw <dshaw at jabberwocky.com>
Date: Tue, 5 Feb 2008 13:50:56
To:Adrian Thurston <thurston at cs.queensu.ca>
Cc:gnupg-users at gnupg.org
Subject: Re: can you see any problem with this?
On Tue, Feb 05, 2008 at 01:28:08PM -0500, Adrian Thurston wrote:
> My application is here:
> I'm encrypting messages and making them publicly available over static
> HTTP. Anyone who knows the right URL can grab a message and I don't want
> recipients to be identifiable.
> Another issue is that the number of recipients and the size of messages
> may both get very large. A single encrypted message is therefore very
In that case, doing something like this may work for you:
gpg -o output.gpg -R recipient1 -R recipient2 -e thefile.txt
for i in *.pk_enc
cat $i *.encrypted > `echo $i | sed -e 's/\-001\.pk_enc//'`
You'll end up with a directory full of files, one per recipient, and
each a valid OpenPGP message, but all of them protected via
throw-keyid. I'll leave it as an exercise for the reader to determine
which file goes with which recipient ;)
If Alice and Baker both get a message, and Alice knows which file
Baker got, Alice can decrypt Baker's message using her own session
key, thus revealing to Alice that Baker got the same message that
The "non-identifiable" feature with -R (aka throw-keyid) is only as
good as throw-keyid is, which is pretty good but not perfect.
You may or may not care about these caveats.
More information about the Gnupg-users