Question regarding shared keys
Denise Schmid
Chinatinte at gmx.ch
Mon Feb 28 23:38:21 CET 2011
Thanks all for your help.
Now, the story gets even funnier: They claim to have used PGP split-key, then encrypted the files with a randomized key, then encrypted the key with individual keys.
So far so bad. But now comes the best: They claim that, because one of the managers wasn't able to remember his mantra, they decided to _delete_ all encrypted data.
It sounds as if the whole thing is really nothing but bogus... Now, as Vedaal wrote: the best thing that can happen is that they encrypted something later...
But I see support for my opinion that the thing smells :-)
Thanks again
Denise
>
> David's talking about an advanced scenario. And maybe the company did
> do this, but I've got a feeling you might be over-thinking things.
>
> Normally, if you encrypt a file to four users, each user has their own
> key that's completely independent of the other users. If you're trying
> to see if the file was encrypted to another manager, who hopefully
> hasn't conveniently 'lost' his key, you can examine the encrypted file
> and get a list of the keys it's encrypted to.
>
> So for example, here you can see that even if I claim to have lost my
> key, David is another person who could decrypt the contents...
>
> johnmudhead:~ grant$ gpg -r kgo@grant-olson.net -r dshaw@jabberwocky.com --encrypt bar.txt
> File `bar.txt.gpg' exists. Overwrite? (y/N) y
> johnmudhead:~ grant$ gpg --list-packets bar.txt.gpg
> :pubkey enc packet: version 3, algo 1, keyid 1458BCCB6A8F7CF6
> data: [2045 bits]
> :pubkey enc packet: version 3, algo 16, keyid AE2827D11643B926
> data: [2047 bits]
> data: [2048 bits]
> :encrypted data packet:
> length: 70
> mdc_method: 2
> gpg: encrypted with 2048-bit ELG key, ID 1643B926, created 2002-01-28
> "David M. Shaw <dshaw at jabberwocky.com>"
> gpg: encrypted with 2048-bit RSA key, ID 6A8F7CF6, created 2010-01-11
> "Grant T. Olson (Personal email) <kgo at grant-olson.net>"
> :compressed packet: algo=2
> :literal data packet:
> mode b (62), created 1298914148, name="bar.txt",
> raw data: 4 bytes
>
>
> --
> Grant
>
> "I am gravely disappointed. Again you have made me unleash my dogs of
> war."
>
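As an added illustration of the point in the quoted reply (not code from the thread): the recipient key IDs sit unencrypted in the public-key encrypted session key packets at the front of the file, so they can be listed without any private key. The sketch parses OpenPGP packet framing as described in RFC 4880; the sample bytes are constructed, using the two key IDs from the listing with dummy MPI data, plus one all-zero key ID of the kind gpg writes with --throw-keyids.

```python
import struct

def read_packets(data):
    """Yield (tag, body) per OpenPGP packet header rules (RFC 4880, 4.2)."""
    i = 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:  # ASCII-armored input fails here: dearmor first
            raise ValueError("not a binary OpenPGP packet stream")
        i += 1
        if hdr & 0x40:  # new-format header
            tag, first = hdr & 0x3F, data[i]
            if first < 192:
                length, i = first, i + 1
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
            elif first == 255:
                length, i = struct.unpack(">I", data[i + 1:i + 5])[0], i + 5
            else:
                return  # partial body length (streamed payload): stop
        else:  # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                return  # indeterminate length: stop
            n = 1 << ltype
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        yield tag, data[i:i + length]
        i += length

def recipient_key_ids(data):
    """Key IDs from tag-1 (public-key encrypted session key) packets."""
    ids = []
    for tag, body in read_packets(data):
        if tag == 1 and body[:1] == b"\x03":  # version 3 PKESK
            keyid = body[1:9].hex().upper()
            ids.append("hidden" if keyid == "0" * 16 else keyid)
    return ids

def make_pkesk(keyid_hex, algo, old_format):
    # Constructed packet: real framing, dummy one-byte MPI instead of key material.
    body = bytes([3]) + bytes.fromhex(keyid_hex) + bytes([algo]) + b"\x00\x08\xff"
    header = bytes([0x84, len(body)]) if old_format else bytes([0xC1, len(body)])
    return header + body

# Constructed sample: the two key IDs from the listing, one hidden recipient,
# then a stand-in for the encrypted data packet (tag 18).
SAMPLE = (make_pkesk("1458BCCB6A8F7CF6", 1, True) + make_pkesk("AE2827D11643B926", 16, False)
          + make_pkesk("00" * 8, 1, True) + bytes([0xD2, 3, 1, 0xAA, 0xBB]))

if __name__ == "__main__":
    print(recipient_key_ids(SAMPLE))
```

Even a hidden recipient still appears as its own packet, so the number of recipients stays visible when the key IDs are not.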