Question regarding shared keys
Chinatinte at gmx.ch
Mon Feb 28 23:38:21 CET 2011
Thanks all for your help.
Now, the story gets even more funny: They claim to have used PGP split-key, then encrypted the files with a randomized key, then encrypted the key with individual keys.
So far so bad. But now comes the best: They claim that, because one of the managers wasn't able to remember his mantra, they decided to _delete_ all encrypted data.
It sounds as if the whole thing is really nothing else but a bogus... Now as Vedaal wrote: Best thing that can happen is that they encrypted something later...
But I see support for my opinion that the thing smells :-)
> David's talking about an advanced scenario. And maybe the company did
> do this, but I've got a feeling you might be over-thinking things.
> Normally, if you encrypt a file to four users, each user has their own
> key that's completely independent of the other users. If you're trying
> to see if the file was encrypted to another manager, who hopefully
> hasn't conveniently 'lost' his key, you can examine the encrypted file
> and get a list of the keys it's encrypted to.
> So for example, here you can see that even if I claim to have lost my
> key, David is another person who could decrypt the contents...
> johnmudhead:~ grant$ gpg -r kgo at grant-olson.net -r dshaw at jabberwocky.com
> --encrypt bar.txt
> File `bar.txt.gpg' exists. Overwrite? (y/N) y
> johnmudhead:~ grant$ gpg --list-packets bar.txt.gpg
> :pubkey enc packet: version 3, algo 1, keyid 1458BCCB6A8F7CF6
> data: [2045 bits]
> :pubkey enc packet: version 3, algo 16, keyid AE2827D11643B926
> data: [2047 bits]
> data: [2048 bits]
> :encrypted data packet:
> length: 70
> mdc_method: 2
> gpg: encrypted with 2048-bit ELG key, ID 1643B926, created 2002-01-28
> "David M. Shaw <dshaw at jabberwocky.com>"
> gpg: encrypted with 2048-bit RSA key, ID 6A8F7CF6, created 2010-01-11
> "Grant T. Olson (Personal email) <kgo at grant-olson.net>"
> :compressed packet: algo=2
> :literal data packet:
> mode b (62), created 1298914148, name="bar.txt",
> raw data: 4 bytes
> "I am gravely disappointed. Again you have made me unleash my dogs of
NEU: FreePhone - kostenlos mobil telefonieren und surfen!
Jetzt informieren: http://www.gmx.net/de/go/freephone
More information about the Gnupg-users