Why sign as well as encrypt files stored on untrusted drives?

Chris Poole lists at chrispoole.com
Wed Jul 13 17:34:55 CEST 2011

On Wed, Jul 13, 2011 at 2:48 PM, David Shaw <dshaw at jabberwocky.com> wrote:
> Look in the "Features" line for "MDC".

My key does indeed have this feature; thanks for the informative reply.

> Back to your original issue though, note that if Fred can get access to your
> (untrusted) drive, he can just replace the whole file with whatever he likes
> (since he just needs your public key to encrypt a new file), with no fussy
> message tampering needed.  That may or may not be an issue in your
> situation.  Signing does help there since Fred presumably doesn't have access
> to your secret key.

I had failed to realise this, somehow. A separate manifest file (also encrypted)
keeps track of which encrypted containers hold which files, so the attack is
definitely harder (or at least more noticeable). I think it's still best to sign
though, just to remove more possible attack vectors.


Chris Poole
[PGP BAD246F9]

More information about the Gnupg-users mailing list