Is it safe to rename file.gpg to `md5sum file`?

Ben Staude sben1783 at yahoo.de
Fri Nov 30 23:07:44 CET 2012


Hi all,

I'm thinking about a scenario for remote backup with gpg-encrypted files 
(--symmetric, one by one). In addition to encrypting the files' contents, 
I'd like to hide their names also.

My backup tool can do the gpg-part for me (i.e. encrypt every file when 
backing it up) and it creates a "summary" file with the source path of 
every file, some stat() details and (for deduplication purposes), the 
md5sum of the original file. Now one simple and convenient approach to 
hide the file names would be a small script that iterates over the 
summary file and renames each gpg'ed file with its own (unencrypted) 
md5sum. That way, I could use the summary file as a lookup table to find 
an encrypted, md5sum-named file by its original name/path.

Is this a sane way to go? I'm wondering whether the md5sum leaks too 
much information about the original file contents, so that the 
encryption (--cipher-algo AES256 would be my current choice) isn't 
really safe any more?

Thanks in advance
Ben
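
The renaming scheme described in the post, as an added Python example that is not part of the original message or of any backup tool: it builds the path-to-remote-name lookup table from a summary file, once with the plain MD5 as the name and once with an HMAC of that MD5 under a locally kept key, and shows what a party who sees only the remote names can check in each case. The summary layout, sample contents, key and function names are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample contents standing in for two backed-up files.
OFFER = b"Offer: 52000 EUR\n"
PHOTO = b"\xff\xd8constructed-jpeg-bytes"

# Constructed stand-in for the backup tool's "summary" file:
# (source path, MD5 of the unencrypted file). The layout is an assumption.
SUMMARY = [
    ("/home/ben/letters/offer.txt", hashlib.md5(OFFER).hexdigest()),
    ("/home/ben/photos/cat.jpg", hashlib.md5(PHOTO).hexdigest()),
]

# Hypothetical secret that never leaves the local machine.
NAME_KEY = b"constructed-local-naming-key"


def plain_names(summary):
    """Scheme from the post: remote name = MD5 of the plaintext."""
    return {path: md5 for path, md5 in summary}


def keyed_names(summary, name_key):
    """Variant: remote name = HMAC-SHA256(name_key, md5).

    Still deterministic per content, so the name can serve as a
    deduplication key, but it cannot be recomputed without name_key.
    """
    return {
        path: hmac.new(name_key, md5.encode(), hashlib.sha256).hexdigest()
        for path, md5 in summary
    }


def confirms_presence(remote_names, candidate_plaintext):
    """True if the MD5 of candidate_plaintext appears among the remote names.

    This is the check available to anyone who can list the remote
    directory and already holds (or can guess) a file's exact contents.
    """
    return hashlib.md5(candidate_plaintext).hexdigest() in remote_names


if __name__ == "__main__":
    plain = plain_names(SUMMARY)
    keyed = keyed_names(SUMMARY, NAME_KEY)
    print("plain names reveal known file:", confirms_presence(set(plain.values()), OFFER))
    print("keyed names reveal known file:", confirms_presence(set(keyed.values()), OFFER))
```

In both variants the summary file remains the only map from original path to remote name, so it has to be stored as carefully as the passphrase.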


