Using single subkey for both signing and encryption?

John Clizbe John at
Mon Nov 2 00:22:00 CET 2009

gpg.mexon at wrote:
> Hi, I just have a basic question about subkeys.  When I create an RSA
> subkey I only have the option to create one for signing or encryption,
> not both.  Why is that?  There's nothing different about the keys
> themselves, is there?  Is there supposed to be some increased security
> to doing it this way?

Given that the underlying mathematics is the same for encryption and signing,
only in reverse, if an attacker can convince a key holder to sign an unformatted
encrypted message using the same key then she gets the original.

John P. Clizbe                      Inet:John (a)
You can't spell fiasco without SCO. hkp://  or
     mailto:pgp-public-keys at

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20091101/a36a6fc6/attachment.pgp>

More information about the Gnupg-users mailing list