Is it possible to decide what is a gpg file?

vedaal at vedaal at
Thu Nov 19 16:26:57 CET 2009

There is no way (yet, ;-) ), to do what you want in gnupg, as a 
gnupg encrypted file will show that it was encrypted either 
symmetrically or to a key.

But, if you don't mind XOR-ing with a large pad, and you have a 
secure place to keep the pad, (not on the computer with the 
encrypted files),
you can do something like the following:

[1] Encrypt whatever file you want using gnupg, and the options of 
--throw-keyids  --armor

This will produce a ciphertext output of the encrypted file, with 
no information about the key it was encrypted to, except for the 
type (dh, rsa) and the size.

[2] Find, or write, a document equal to or greater, than the size 
of the file in [1], and save it on your computer, and do not save 
the file in [1].

[3] Construct a pad that XOR's from the file in [2] to the file in 

[4] Save the pad securely somewhere else.

[5] If the pad is discovered, people will expect to use it to apply 
to a ciphertext and recover a plaintext, not the other way around, 
and you have no ciphertexts on your computer, and even if it were 
used correctly to recover the ciphertext, the plaintext still 
cannot be recovered without the key and passphrase.


Only you know what your threat model is.

This will probably not be a good idea to use if your threat model 
includes dangerous determined adversaries who know the field.


More information about the Gnupg-users mailing list