how vulnerable is "hidden-encrypt-to"

Daniel Kahn Gillmor dkg at
Sat Aug 18 16:36:21 CEST 2012

On 08/17/2012 11:16 AM, Hauke Laging wrote:
> Am Fr 17.08.2012, 09:56:56 schrieb auto15963931:
>> or what key ID
>> had been used in conjunction with that option? Thanks.
> You need the private recipient key in order to find out that key ID. It's the 
> use of this option that you cannot get this information in another way.

It's worth observing that you can still detect the algorithm used and
the size of the key, even when the keyid is all zeros.  So if someone
has a particularly unusual key size (or is an early adopter of an
unusual key type, like ECC), the pool of possible known recipients could
actually be pretty small.

And it's also possible to rule out a given person as an intended
recipient, e.g. if they have a 2048-bit RSA key and the ESK packet
targets 4096-bit el gamal.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20120818/a0828d43/attachment.pgp>

More information about the Gnupg-users mailing list