Why sign as well as encrypt files stored on untrusted drives?

Chris Poole lists at chrispoole.com
Wed Jul 13 13:28:50 CEST 2011


Say I encrypt a file to myself using my public key, and only I will
ever need or want to access the plaintext. The file will be stored on
an untrusted drive somewhere. I don't care about authenticity, in the
sense that I'll never need to prove to someone else that it was
actually I that sent that file. All I care about is that I can get the
plaintext, and no-one else can.

I've read that it's a good idea to sign this file too, but I'm not sure why.

Surely if the file is changed then I've lost that data anyway, and the
file will fail to decrypt.

Is there some feasible attack that could change the encrypted data in
such a way that I won't notice it when I decrypt the file, but somehow
the file will still decrypt?


Chris Poole
PGP key: BAD246F9
