Why sign as well as encrypt files stored on untrusted drives?
faramir.cl at gmail.com
Sat Jul 16 03:01:48 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
El 13-07-2011 7:28, Chris Poole escribió:
> Is there some feasible attack that could change the encrypted data
> in such a way that I won't notice it when I decrypt the file, but
> somehow the file will still decrypt?
Anyone that has a copy of your public key -and by definition, it is
public, and you included the KeyID on your message- can encrypt a file
to you. So, somebody could encrypt a different file to your public key,
and replace the encrypted file in the untrusted drive. You would be able
to decrypt it, and depending on the content of the file, maybe you would
not notice it is not the original file (imagine it is a list of email
addresses, with dozens of addresses, you would not notice if one is
missing, or if there is one extra address).
A signature would let you know easily if the file has changed.
But I'm not saying you should sign it, it is up to you. Princess Leia
would sign the message she loaded into R2D2, to prevent things like
"This is Red 5, I'm ready to fire my torpedoes, but... I don't see the
target, are you sure you have the right blueprints of Death Star?".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Gnupg-users