symmetric email encryption
Robert J. Hansen
rjh at sixdemonbag.org
Fri Jul 18 22:47:53 CEST 2014
> I think what Hauke meant was an exchange of the *passphrase* for the
> symmetric encryption, not the session key.
Same issue, although now you're sharing the seed to a random number
generator for which you want the seed to expire very quickly. You can
mitigate this somewhat using gating and some other RNG tricks, but
fundamentally it's the same problem: once the passphrase goes, the
security of the entire system goes, so therefore change the passphrase
frequently.
More information about the Gnupg-users
mailing list