identical files -> non-identical encrypted files

Chris Walters cwal989 at comcast.net
Tue Jul 22 08:32:21 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Ian Zimmerman wrote:
| I just noticed this today.  I suppose this is completely obvious to most
| readers of the list and perhaps not something they want to be bothered with;
| apalogies if that's the case.  I have a problem to solve :(
[snip]
| So I suppose gpg puts some salt probably based on timestamp in.  Can this
| be disabled?  Pretty please?

As has already been mentioned, this has nothing to do with salt.  It has to do
with the fact that the session key - used to encrypt the plaintext - is random,
so it will produce different ciphertext each time to encrypt a file.  This is a
good thing, as it makes it much harder to apply a certain type of attack on the
ciphertext.  I'm not sure why you would want to disable this security feature.
I will say that I wouldn't use an encryption program that did not use random
session keys.

Regards,
Chris

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJIhX7rAAoJEE8J0h3nbis2zBoQALXwjG7h4EKJIsZYb5/Ep/Zg
rTEg61KNPSGWrFgdB7sNmnjm2FGqxNlWson4BhFr6d4Dz93n3dvRx1NsBQPvSFm1
I2bPCO7xVgX9KIISU6nvieAFd+GDKPEquf1ZmaZc2Ew5Eeu99OQCpwr9t8dPsEyW
8r2gekBzUAlHbOONSzg627UrZiUbtvjIiK6gT6EjM4a5rB7r1Rqphet7M1rQRuld
vKoSP5Vber56EBHIWCKiePugGmu1STVCZqX/w6X60moGNV/W/gCtEr3g1WG0ibJD
qGj3K+2Z+xaAWg9KL/kZLRcfXSmuN6QOSbMTDFgHHFrSeR4MOpoYnJK6ocnuQBdM
hjEIJp3l/czjTh7P+qQLl0gD7AMlmvJVLhgPUFHZgbsKDZsFN8pz4DXw/UvDZ7L+
o99UiiG1heGwXmhapL3tarYj5bUVmnRVKe4iL38zKli3Ui0FsQC0fzn+9ZDeRPA2
zrSId0vimXAwDMCTzoGi0hBOmdU8/5lJujlv1/Qn7vD9CPNOWi/2NBXng+F8cTAP
FOW/fFjqNfjja0GWiEEwdlIZZuQNs2NUOSnvqskuz7bQTWYrc+tUZhtaOyPRx/KZ
J/KTvlgvzhGW15jIKdqrwlR+ZZ38ES3cw7YgQC0AObcksaLvWeeRR4HhNAj43dTb
KgSQ3q8o3+uveGl9ovLo
=wygW
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list