Seperate Session Key and Encrypted Data

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Sat Oct 3 13:11:16 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512



On Thursday 1 October 2015 at 4:08:13 PM, in
<mid:560D4C5D.5000701 at gmail.com>, Koszta Dániel wrote:



> However, I'm not sure of the security implications of
> this. From the gpg manual:

>> We think that Key Escrow is a Bad Thing

The security implication of sharing the session key is a positive one:
it can only compromise the one message. By contrast, divulging a
private key would compromise all messages encrypted to that key, as
well as allowing the party to whom the private key was divulged to
make signatures with it.




- --
Best regards

MFPA                  <mailto:2014-667rhzu3dc-lists-groups at riseup.net>

My mind works like lightning... one brilliant flash and it's gone
-----BEGIN PGP SIGNATURE-----

iQF8BAEBCgBmBQJWD7foXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXw57oH/2ZojVdVudqJoVDeXgBx6qUd
hehJRPK9MG8/0HowMT3YrlWowmVQmTpZy5GHmIRGDPhFTJCoc1qNPr/CDPLu+NNi
+LNBrhaw2T9MCYlFyDpVjuX4kovYgoIAoZUhC1/B6jeno+6+fXP+hY5DjqCn1Tph
oisSF5qnzgbWMpHaa1PPstqXPi3riFJt0TPV/4tp7bCDRpZrKhUc7QTW5twD8Lnz
AaXJ/axQcsIkVI/QKdP9Uo7fHImE798m7BRUS7RIxrndMWWqIYDnAp8MPqbRZ2Zk
koZXKa0Ul6C8DHbMacUATSH7qiJ0u5DB1XRAGUT1NLVi3O0DivXuXRjpKbCbSNeI
vgQBFgoAZgUCVg+3+18UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx
MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45AO/AP9YUE+RBOv1fkU8NTWxyGlLOF6U
P8EM8RMmOeCngEc2ZQEAjOVuTJpHBaysHzGIbiox5UaFQcMQJQILl3lR0TOqgw8=
=qhK/
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list