cloudy understanding of asymmetric cryptography

Andreas Heinlein aheinlein at gmx.com
Thu Mar 26 14:43:08 CET 2009


Felipe Alvarez wrote:
> On Thu, Mar 26, 2009 at 8:17 PM, Sven Radde <email at sven-radde.de> wrote:
>   
>> Hi!
>>
>> Felipe Alvarez wrote:
>>     
>>> Someone today shook my understanding of asymmetric ciphers.
>>>
>>> _Bob performs symmetric encryption on message with_
>>> _key "K" (generated randomly). He then encrypts "K" _
>>> _with Alice's public key, and sends both the symmetrically _
>>> _encrypted message and asymmetrically encrypted key to Alice_
>>>
>>> Is this what happens during most/some/all of public-key
>>> communications?
>>>       
>> Yes. It's called a "hybrid cryptosystem" and is exactly what is done in
>> virtually all practical implementations (SSL, OpenPGP, ...).
>> The main reason is that asymmetric operations are hugely inefficient so
>> that you do not want to encrypt 1GB of data with RSA.
>>
>> Another reason: "K" could be separately encrypted with Alice's, Bob's
>> and Carol's key which allows several recipients for an encrypted message
>> without having to encrypt the message itself several times.
I think the latter is the more important point nowadays. I do not
believe doing complete RSA encryption would take too long on modern
hardware for reasonable file sizes. But if you encrypted a file of 10MB
to 10 recipients this way, it would become around 100MB in size.
> I learned a lot, thanks for explaining it so quickly and easily. I had
> thought that the entire message was encrypted with (say) RSA! Is there
> a way to "force" gpg to encrypt an entire message with (example) RSA
> (just for time-testing purposes?)
> Felipe
No, I don't think that's possible.

Bye,
Andreas
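
The hybrid scheme discussed in this thread, as an added example that is not part of the original messages and is not GnuPG's code: the message is encrypted once under a random session key K, and K is then wrapped separately for each recipient. It assumes the third-party Python "cryptography" package, and uses AES-GCM and RSA-OAEP as stand-ins rather than OpenPGP's packet format; the recipient names, dictionary layout and function names are constructed for illustration.

```python
# Added example: hybrid encryption to several recipients (not GnuPG code).
# Assumes the third-party "cryptography" package; AES-GCM and RSA-OAEP are
# stand-ins chosen for this sketch, not OpenPGP's packet format.
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def make_recipient():
    """Generate a 2048-bit RSA key pair for one (constructed) recipient."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def hybrid_encrypt(message, public_keys):
    """Encrypt message once under a random K, then wrap K per recipient."""
    k = AESGCM.generate_key(bit_length=256)      # the session key "K"
    nonce = os.urandom(12)
    body = AESGCM(k).encrypt(nonce, message, None)
    wrapped = {name: pub.encrypt(k, OAEP) for name, pub in public_keys.items()}
    return {"nonce": nonce, "body": body, "wrapped_keys": wrapped}


def hybrid_decrypt(envelope, name, private_key):
    """Unwrap K with the recipient's private key, then decrypt the body."""
    k = private_key.decrypt(envelope["wrapped_keys"][name], OAEP)
    return AESGCM(k).decrypt(envelope["nonce"], envelope["body"], None)


def envelope_size(envelope):
    """Total bytes on the wire: nonce + body + one wrapped K per recipient."""
    return (len(envelope["nonce"]) + len(envelope["body"])
            + sum(len(w) for w in envelope["wrapped_keys"].values()))


if __name__ == "__main__":
    keys = {n: make_recipient() for n in ("alice", "bob", "carol")}
    message = os.urandom(1_000_000)              # constructed 1 MB payload
    env = hybrid_encrypt(message, {n: k.public_key() for n, k in keys.items()})
    for name, priv in keys.items():
        assert hybrid_decrypt(env, name, priv) == message
    # Each extra recipient costs one 256-byte RSA block, not another copy.
    print(len(message), envelope_size(env))
```
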


