IT Department having the secure key.
dshaw at jabberwocky.com
Mon Jul 27 16:49:54 CEST 2009
Somehow this thread mutated into being on both gnupg-devel and gnupg-
users. I'm only replying to gnupg-users. Let's try to keep it on one
On Jul 27, 2009, at 9:41 AM, Ingo Krabbe wrote:
>> You actually can encrypt files to more than one OpenPGP key, so that
>> anyone holding any of the recipient keys can decrypt the data. Maybe
>> this approach would be useful for the OP?
> As far as I know you can keep multiple different encrypted copies of
> a file, but
> one copy of the file will only have one encryption. Assumed that
> you don't want
> to waste space. I just see that you can encrypt for multiple keys,
> but you will
> increase the space needed for the file copy, don't you?
> I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients,
> you will
> have a f.txt.gpg that contains f.txt 10 times encrypted in 10
> different ways.
> Maybe I'm wrong about this point, but I can't think about an
> encryption strategy
> with mixed recipients.
OpenPGP supports multiple recipients. 10 recipients do not require
10x the space of 1 recipient, instead, you end up with a single
encryption of the data, and then a small encrypted session key per
recipient. So encrypting to 10 recipients is a bit larger than
encrypting to 1 recipient, but it is nowhere near as large as
encrypting to 10 recipients individually. Any of the recipients can
decrypt the data.
More information about the Gnupg-users