cloudy understanding of asymmetric cryptography

Sven Radde email at
Thu Mar 26 11:17:22 CET 2009


Felipe Alvarez schrieb:
> Someone today shook my understanding of asymmetric ciphers.
> _Bob performs symmetric encryption on message with_
> _key "K" (generated randomly). He then encrypts "K" _
> _with Alice's public key, and sends both the symetrically _
> _encrypted message and asymmetrically encrypted key to Alice_
> Is this what happens during most/some/all of public-key
> communications?
Yes. It's called a "hybrid cryptosystem" and is exactly what is done in
virtually all practical implementations (SSL, OpenPGP, ...).
The main reason is that asymmetric operations are hugely inefficient so
that you do not want to encrypt 1GB of data with RSA.

Another reason: "K" could be separately encrypted with Alice's, Bob's
and Carol's key which allows several recipients for an encrypted message
without having to encrypt the message itself several times.

HTH, Sven

More information about the Gnupg-users mailing list