Symmetric encryption - options?

[Ingo Klöcker]

On Tuesday 13 March 2012, jpemail2001-321 at yahoo.com wrote:
> >It isn't RSA because this is symmetric encryption.  CAST5 is a
> >128-bit block cypher.
> 
> So its not really safe, is it?

Why do you think so? Define "really safe".


> @Robert
> 
> >If you choose to use someone's public certificate to encrypt a
> >message, they use the private part of that certificate to decrypt
> >it -- different things for encryption and decryption, thus a
> >different kind of algorithm, an asymmetric one, is used.So you
> >would suggest, to use RSA? I think so because it seems to be
> >stronger encryption.
> 
> The problem is I need to encrypt a message but I dont know the
> recipient yet. So I considered a passphrase method. Cause he dont
> need to send me his public key (if he has any).
> 
> But.... OK I will try to encrypt the message with a new created
> private key (specially created for the recipient) which I will send
> later to him, so he will be able to decrypt the message. A bit
> complicated but possible, I think!? ^^

That doesn't make any sense. If you use symmetric encryption then you 
have to tell the recipient the passphrase you used for encryption via a 
safe channel.

If you use a private key then you have to tell the recipient the private 
key and the passphrase you used to protect the private key again via a 
safe channel. Of course, you could choose to leave the private key 
unprotected.

In both cases you have to share a secret with the recipient via a safe 
channel. So, where do you see the advantage of using a private key? A 
possible reason would be re-use of the private key. But then you could 
as well re-use the passphrase.


Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20120313/ea48fc6d/attachment.pgp>