gpg - difference --encrypt-to and --recipient
vedaal at nym.hush.com
Mon Jan 7 00:45:23 CET 2019
On 1/3/2019 at 10:14 PM, "MFPA" wrote:
> [3] only for the overly paranoid who revel in tedious
> work-arounds 8^) :
> (a) Encrypt to both yourself and the recipient
> (b) Remove your own id packet from the ciphertext,
> (c) Re-calculate the crc of the ciphertext
> (d) Send the 'hacked' ciphertext along to the
> original recipient
> (e) Store the first ciphertext from (a) along with
> the one from (d), in your sent folder
> (f) now you will always be able to decrypt and
> retrieve the original plaintext
Would the ciphertext at (d) be much different than encrypting to the
recipient and hidden-encrypt-to your own key?
=====
Yes.
The ciphertext in (d) would have no indication that it was being
encrypted to anyone else.
Using 'hidden-encrypt' to your own key, would show that it was
encrypted to another key, but undetectable to whom.
As a concrete difference, if you used the command:
gpg --try-all-secrets
on the file encrypted to the recipient and hidden-encrypt-to your own
key, it would decrypt to your own key.
Even from the ciphertext, it is detectable because it is 'longer'
(i.e., has another key-packet).
Try encrypting to only one recipient, and then encrypting the same
plaintext to the same recipient, while also using hidden-encrypt-to,
and look at the difference in length.
vedaal
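
The length difference described in the message above, as an added example that is not part of the original post: a small RFC 4880 packet walker that lists the public-key encrypted session key packets (tag 1) in a binary message and reports an all-zero key ID as a hidden recipient. The key ID, payloads and the `pkesk` helper are constructed for illustration; on a real file, `gpg --list-packets` shows the same packets.

```python
# Added example: minimal OpenPGP (RFC 4880) packet walker. Sample bytes are constructed.
def _new_len(buf, i):
    """Decode a new-format length at buf[i]: (length, next_index, is_partial)."""
    o = buf[i]
    if o < 192:
        return o, i + 1, False
    if o < 224:
        return ((o - 192) << 8) + buf[i + 1] + 192, i + 2, False
    if o == 255:
        return int.from_bytes(buf[i + 1:i + 5], "big"), i + 5, False
    return 1 << (o & 0x1F), i + 1, True          # partial body chunk

def packets(buf):
    """Yield (tag, body) for each packet of a binary (non-armored) message."""
    i = 0
    while i < len(buf):
        hdr = buf[i]
        if not (hdr & 0x80):
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                           # new-format header
            tag, body, i, partial = hdr & 0x3F, b"", i + 1, True
            while partial:
                n, i, partial = _new_len(buf, i)
                body, i = body + buf[i:i + n], i + n
        elif (hdr & 0x03) == 3:                  # old format, indeterminate length
            tag, body, i = (hdr >> 2) & 0x0F, buf[i + 1:], len(buf)
        else:                                    # old format, 1/2/4-octet length
            tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 0x03)
            n = int.from_bytes(buf[i + 1:i + 1 + size], "big")
            body, i = buf[i + 1 + size:i + 1 + size + n], i + 1 + size + n
        yield tag, body

def recipients(buf):
    """Key IDs of tag-1 (PKESK) packets; an all-zero ID marks a hidden recipient."""
    ids = [b[1:9] for t, b in packets(buf) if t == 1 and b[:1] == b"\x03"]
    return ["hidden" if k == bytes(8) else k.hex().upper() for k in ids]

def pkesk(keyid):
    """Constructed v3 PKESK: version, key ID, algorithm 1 (RSA), dummy payload."""
    body = b"\x03" + keyid + b"\x01" + b"\xAA" * 32
    return bytes([0x84, len(body)]) + body       # old-format header, tag 1

DATA = bytes([0xD2, 20]) + b"\x01" + b"\x55" * 19   # constructed tag-18 packet
KEYID = bytes.fromhex("1122334455667788")           # constructed key ID
ONE = pkesk(KEYID) + DATA                           # one recipient
TWO = pkesk(KEYID) + pkesk(bytes(8)) + DATA         # plus a hidden-encrypt-to key
```

`recipients(TWO)` lists the extra key packet as hidden, and `len(TWO) - len(ONE)` is exactly the size of that packet, which is the difference an observer can measure without any key.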