Encryption to key with multiple subkeys

David Shaw dshaw at jabberwocky.com
Wed May 12 02:43:28 CEST 2010


On May 11, 2010, at 7:34 PM, Joke de Buhr wrote:

> Telling people which key to use doesn't solve the problem. Think about me 
> switching places between two computers. Each computer got only one of the two 
> encryption secret keys. So if one computer gets compromised I only lose that 
> specific encryption secret key which can then be revoked from the primary key.
> 
> PC_0 has the secret key to encryption subkey_0 and PC_1 has the secret key to 
> encryption subkey_1. If I tell people to use subkey_0 I won't be able to 
> decrypt the message if I'm working on PC_1. If I'm working on PC_0 I can't 
> decrypt the message if the users used subkey_1 for encryption.

In this example, where one of the two computers is compromised, people encrypting to both of your subkeys guarantees that the attacker can decrypt your communications.  In the current behavior of encrypting to the most recent subkey, the attacker only has a 50% chance of getting your communications.  You should hope that the older PC is the one that gets compromised :)

David



