Why sign as well as encrypt files stored on untrusted drives?

[Faramir]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

El 13-07-2011 7:28, Chris Poole escribió:
...
> Is there some feasible attack that could change the encrypted data
> in such a way that I won't notice it when I decrypt the file, but
> somehow the file will still decrypt?

  Anyone that has a copy of your public key -and by definition, it is
public, and you included the KeyID on your message- can encrypt a file
to you. So, somebody could encrypt a different file to your public key,
and replace the encrypted file in the untrusted drive. You would be able
to decrypt it, and depending on the content of the file, maybe you would
not notice it is not the original file (imagine it is a list of email
addresses, with dozens of addresses, you would not notice if one is
missing, or if there is one extra address).

   A signature would let you know easily if the file has changed.

   But I'm not saying you should sign it, it is up to you. Princess Leia
would sign the message she loaded into R2D2, to prevent things like
"This is Red 5, I'm ready to fire my torpedoes, but... I don't see the
target, are you sure you have the right blueprints of Death Star?".

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJOIOL8AAoJEMV4f6PvczxAKZwH/jXUIZ/R9ul8g1jtmvplsCcu
sn4yTMbL0tLS7ubrlrd8IifjzLS193ryVB7fJcKZtZDEIt5MxeoRDXvWxpS3kMbn
i+ZLxR7rfb67yK+jMpSAGHORbPCOBY++ZlaYjJSw0gkP2IrStSvhbJphTOIfz9IN
LHi9nZkXMGcV2Ub1q3QI3UiIe+IEJD9qg0jJ0aL17DyZDtA1ZSeZO/hgq/2lApuW
12nDfXQ0IQvFvut2mNZ6Bri0XDhuJJC+2O6irqY1/w8nyDlZ3BRQ5YOKkQPMsrMt
dYdxDG2bFP5yr07ieaMpwHXfRr5lvNBaMt1chbQfbAfdjTuwltnya69Wcc3xY3c=
=A1Ad
-----END PGP SIGNATURE-----