symmetric email encryption

Ingo Klöcker kloecker at kde.org
Fri Jul 18 19:39:05 CEST 2014


On Friday 18 July 2014 19:21:05 Hauke Laging wrote:
> On Fri 18.07.2014, 09:46:14, Doug Barton wrote:
> > Hauke,
> > 
> > I think you skated past a previous question about your idea, and I'm
> > also interested in the answer so I'll ask it again. :)
> > 
> > If you have a secure channel of communication by which you can
> > exchange the symmetric password (which you would need to make your
> > scheme work), why don't you use that channel for communication,
> > rather than e-mail?
> 
> If I have understood everything right then this is not the same
> question.
> 
> But I am really surprised that you ask why you should communicate via
> email with someone "though" you e.g. meet him once per month. Or with
> someone whom you could call instead. Is that really your question?
> 
> Symmetric keys and fingerprints have to be exchanged through a secure
> channel only once.

Sure. But the fingerprint is only used once (for verifying the key). And 
it's not even secret information, so exchange via an insecure channel is 
not an issue (at least, not a severe issue).

OTOH, symmetric keys really should be exchanged via a secure channel. 
Moreover, reusing a symmetric key is a big no-no. And exchanging a new 
symmetric key for each new message is completely impractical (unless you 
use asymmetric keys for this). Exchanging a large number of symmetric 
keys at the same time is a bit less impractical, but then you need to 
keep track of which symmetric key is used next.

Long ago, people found a good solution for all those problems 
concerning the exchange of symmetric keys: asymmetric encryption.


Regards,
Ingo
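
[Added example, not part of the original message or of GnuPG's code.] The sketch below illustrates the point made above: with an asymmetric key pair, every message gets a fresh symmetric session key without a secure channel and without tracking which key comes next. The modulus, generator, SHA-256 keystream and all function names are assumptions chosen so it runs on the Python standard library alone; OpenPGP uses RSA or ECDH with a real cipher such as AES.

```python
import hashlib, hmac, secrets

# Toy parameters (assumption, for illustration): OpenPGP uses RSA or ECDH instead.
P = 2**255 - 19  # a well-known prime used here as a DH modulus
G = 2

def keygen():
    """Recipient's long-term key pair: private x, public G^x mod P."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def _derive(shared, label):
    """Derive a per-message key from the DH shared secret."""
    return hashlib.sha256(label + shared.to_bytes(32, "big")).digest()

def _xor_stream(key, data):
    """XOR data with a SHA-256 counter-mode keystream (stand-in for AES)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(recipient_pub, plaintext):
    """Needs only the recipient's public key; no shared secret is set up first."""
    k = secrets.randbelow(P - 3) + 2      # fresh ephemeral secret per message
    shared = pow(recipient_pub, k, P)
    ct = _xor_stream(_derive(shared, b"enc"), plaintext)
    tag = hmac.new(_derive(shared, b"mac"), ct, hashlib.sha256).digest()
    return pow(G, k, P), ct, tag          # ephemeral public value travels with the mail

def decrypt(priv, message):
    """Recompute the session keys from the private key and the ephemeral value."""
    eph_pub, ct, tag = message
    shared = pow(eph_pub, priv, P)
    expected = hmac.new(_derive(shared, b"mac"), ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _xor_stream(_derive(shared, b"enc"), ct)

if __name__ == "__main__":
    priv, pub = keygen()
    m1 = encrypt(pub, b"same text")       # constructed sample message
    m2 = encrypt(pub, b"same text")
    print(decrypt(priv, m1), m1[1] != m2[1])
```

Only the public value from keygen() has to reach the sender, and, like the fingerprint discussed above, it is not secret.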