sign encrypted emails

MFPA expires2013 at
Fri Jan 3 11:02:28 CET 2014

Hash: SHA512


On Friday 3 January 2014 at 5:35:28 AM, in
<mid:1681026.Oqz1BqeVtE at>, Hauke Laging wrote:

> I just noticed that you can easily be deluded about an
> email being encrypted: That you receive an encrypted
> mail does not mean that it was sent encrypted. An
> adversary may encrypt a non-encrypted message (which he
> has intercepted) in order to create more trust in the
> message for the recipient: If you receive critical
> information and are aware that it has not been
> encrypted then you may react differently from the case
> where you are sure that is was encrypted.

Encrypted or not, a message you receive may not come from the
purported sender. Witness all the social engineering "phishing" emails
purporting to be from banks who have mislaid your login details.
OpenPGP's mitigation against this is signing emails, and the web of
trust to give assurance who signed.

> Or similar: A message is encrypted to a low security
> key which has been compromised (unnoticed by the
> recipient). The adversary decrypts the message ans
> reencrypts it to a more secure key.

You mean the recipient has 2 keys, one of which the adversary has
compromised? And the adversary intercepts and decrypts mail that is
encrypted to the compromised key, then sends it on its way encrypted
to the non-compromised key? Again, this would be flagged up if the
sender was in the habit of signing outgoing messages (as you stated).

> (this may mean that you sign it twice: once
> before and once after encryption).

Is that better than the usual signing and encryption carried out

> I would like to ask mail client developers to add this
> feature. But before I would like to hear opinions
> whether that makes sense.

Both your examples seem to involve encrypted-only and not signed
messages, so would be unaffected by introducing additional signature
options. Unless signing were compulsory rather than an option.

- --
Best regards

MFPA                    mailto:expires2013 at

Two wrongs don't make a right. But three lefts do.


More information about the Gnupg-users mailing list