Seperate Session Key and Encrypted Data
Daniel Koszta
daniel.koszta at gmail.com
Thu Oct 1 17:57:36 CEST 2015
You can use the --show-session-key and --override-session-key option for
gpg.
$ gpg --encrypt <<< "Test Message" > msg
$ gpg --decrypt --show-session-key msg
$ gpg --decrypt --override-session-key 'the_session_key_gpg_gave_you'
Note that you do not need your private key for the last operation.
However, I'm not sure of the security implications of this. From the gpg
manual:
> We think that Key Escrow is a Bad Thing
(Sorry if this message appear twice on the list; I couldn't see the first
one either in my inbox or the archives of the mailing list.)
2015-10-01 16:38 GMT+02:00 Christian Loehle <cloehle at linutronix.de>:
> I want to use gpg to encrypt a potentially large file to some
> (cloud-like) storage provider, the recipients are not known at the time
> of uploading.
> What I want to do is to send the encrypted session key of the file to a
> recipient, when I 'add' them, without re-uploading or even touching the
> original (encrypted) file.
> This should be possible, does anyone know how to? I'm also open to other
> suggestions.
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20151001/22987f8a/attachment-0001.html>
More information about the Gnupg-users
mailing list