Using single subkey for both signing and encryption?

John Clizbe John at Mozilla-Enigmail.org
Mon Nov 2 00:22:00 CET 2009


gpg.mexon at spamgourmet.com wrote:
> Hi, I just have a basic question about subkeys.  When I create an RSA
> subkey I only have the option to create one for signing or encryption,
> not both.  Why is that?  There's nothing different about the keys
> themselves, is there?  Is there supposed to be some increased security
> to doing it this way?

Given that the underlying mathematics is the same for encryption and signing,
only in reverse, if an attacker can convince a key holder to sign an unformatted
encrypted message using the same key then she gets the original.


-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
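
Added example, not part of the original message: the identity described in the reply, shown with textbook RSA in Python. The toy keys, the helper names and the simplified hash-then-sign stand-in for real signature formatting are all assumptions made for illustration.

```python
import hashlib

E = 65537  # common public exponent

def make_key(p: int, q: int):
    """Return (n, d) for textbook RSA with public exponent E."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys built from Mersenne primes; far too small for real use.
ENC_N, ENC_D = make_key(2**31 - 1, 2**61 - 1)    # key used for encryption
SIG_N, SIG_D = make_key(2**89 - 1, 2**107 - 1)   # separate signing subkey

def encrypt(m: int) -> int:
    """Textbook encryption: m^e mod n."""
    return pow(m, E, ENC_N)

def raw_sign(x: int, n: int, d: int) -> int:
    """Sign an unformatted value: x^d mod n, the same operation as decryption."""
    return pow(x, d, n)

def formatted_sign(x: int, n: int, d: int) -> int:
    """Simplified stand-in for signature formatting: sign a hash of the input."""
    width = (n.bit_length() + 7) // 8
    digest = hashlib.sha256(x.to_bytes(width, "big")).digest()
    return pow(int.from_bytes(digest, "big") % n, d, n)

def demo():
    secret = int.from_bytes(b"hi there", "big")  # constructed sample plaintext
    c = encrypt(secret)
    return {
        "secret": secret,
        # Same key, unformatted signing: the "signature" is the plaintext.
        "same_key_raw": raw_sign(c, ENC_N, ENC_D),
        # Same key, but the input is hashed first: nothing is recovered.
        "same_key_formatted": formatted_sign(c, ENC_N, ENC_D),
        # Separate signing subkey: raw signing no longer inverts encryption.
        "separate_key_raw": raw_sign(c, SIG_N, SIG_D),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Only the first case returns the plaintext; either formatting the signed input or keeping a separate signing subkey breaks the inversion.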
