pedro.markov at ml1.net
pedro.markov at ml1.net
Mon Jul 28 22:08:58 CEST 2014
On 07/28/2014 08:04 PM, Pete Stephenson wrote:
> > I told to my self that it would be interesting as securing method to
> > stuff with a private key "with out having the public key". this
> would mean that only
> > the person who has public key would have access to the data with out
> > a password.
> When would this be useful? The public key is public, and anyone with
> it could decode the message. To secure a message such that only the
> desired recipient can read it, you should encrypt a message to the
> recipient's public key so that only their private key can decrypt it.
> Simply put, I don't understand a situation where using your system
> would be an improvement over the current system, but perhaps I
> misunderstand sometihng.
Using this method there is no "password required", it is only need to
know how to rebuild the public key. So you can safely store
a "damaged public key" on your computer/web server/ whatever and if
some one steal it he won't be able to get your information.
I find this very attractive, because i could damage the key and still
remember how to fix it many years after, But it is by sure that
i wont remember an unic password 5 or 10 years after. ( maybe other
people can )
> > (and the person with the private key too i think, it would be great
> if only the person
> > with the public key can decrypt the data, maybe there is one option,
> i'll check for that.)
> > So why i was asking about the CRC error?
> Because the key was modified in a way that GPG did not expect.
This one was funny, actually it was a rhetorical question, and the
explanation was the following text.
(My English is not pretty good and my syntax is not American...)
> > when i was testing this method, i removed the keys from my keyring,
> and then
> > i imported only the secret key. For my surprise there was also the
> public key.
> > Is there anyway to only import the secret key?
> The public key can be (and is) regenerated as needed from the private
> key. If you import a private key and there is no corresponding public
> key in the keyring, GPG automatically recreates the public key and
> puts it in the keyring. As far as I know there is no way to import
> only a private key without the corresponding public key.
Thanks, this information was really useful. I can still making a super
complicated password and store the damaged public key. If some day i
forget the password I'll be able to rebuild the public key!
More information about the Gnupg-users