Show that an encrypted message was signed, without decrypting it

Helmut Waitzmann Anti-Spam-Ticket.b.qc3c v_a-brxx.throttle at xoxy.net
Sun Oct 11 05:27:43 CEST 2020


Stefan Claas <sac at 300baud.de>:

>I was reading old GnuPG threads where people were asking if it's 
>possible to extract a signature from an encrypted message.
>
>I would like to ask, I don't know if this is already possible or 
>if it's planned, if Alice would request from Bob that he always 
>signs his messages and Bob, lazy as he is, often forgets this, 
>can Alice check if Bob's encrypted message(s) have signed byte(s) 
>set, without actually decrypting or revealing Bob's identity?

As far as I know this is impossible, because messages are first 
signed and then encrypted, i. e. the signature is encrypted, 
too.  Therefore there is no access to the signature unless the 
message is decrypted. 

>If the encrypted messages would not be signed then Alice can 
>simply discard the message(s).

Yes, but why should she want to be able to do that?  She could 
decrypt the message and, if it turns out that the message is not 
signed, discard the message. 

>And is this optional in GnuPG, in case it is already implemented? 


As far as I know the order “first sign, then encrypt” is 
mandatory, so there is no way for GnuPG to deviate from it. 

And this is a good thing, as it thwarts Eve eavesdropping on the 
originator's identity (i. e. Bob) of a message sent to Alice. 

Helmut
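
Added illustration (not part of the message above and not GnuPG's own code): the outer packet framing of a binary OpenPGP message can be read without any key, and for an encrypted message it exposes only the session-key packet (tag 1) and the encrypted data packet (tag 18), so there is no signature packet to test for. The function names are hypothetical and the sample byte strings are constructed, with filler bodies instead of real key material or ciphertext.

```python
# Added example: walk top-level OpenPGP packet headers (RFC 4880, section 4.2).
SIGNATURE_TAGS = {2, 4}  # 2 = Signature, 4 = One-Pass Signature

def _new_length(data, pos):
    """Decode one new-format length; returns (length, next_pos, is_partial)."""
    first = data[pos]
    if first < 192:
        return first, pos + 1, False
    if first < 224:
        return ((first - 192) << 8) + data[pos + 1] + 192, pos + 2, False
    if first == 255:
        return int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5, False
    return 1 << (first & 0x1F), pos + 1, True  # partial body chunk

def outer_packet_tags(data):
    """Return the tags of the top-level packets, never looking inside bodies."""
    tags, pos = [], 0
    while pos < len(data):
        header = data[pos]
        if not header & 0x80:
            raise ValueError("not an OpenPGP packet header at offset %d" % pos)
        pos += 1
        if header & 0x40:  # new-format header
            tags.append(header & 0x3F)
            partial = True
            while partial:  # skip every partial chunk plus the final one
                length, pos, partial = _new_length(data, pos)
                pos += length
        else:  # old-format header
            tags.append((header >> 2) & 0x0F)
            size = (1, 2, 4, 0)[header & 0x03]
            if size == 0:  # indeterminate length: body runs to end of input
                break
            pos += size + int.from_bytes(data[pos:pos + size], "big")
    return tags

def signature_visible(data):
    """True if a signature packet appears in the unencrypted outer layer."""
    return any(tag in SIGNATURE_TAGS for tag in outer_packet_tags(data))

# Constructed samples: valid headers, filler bodies.
# Signed only: One-Pass Signature (4), Literal Data (11), Signature (2).
SIGNED_ONLY = (bytes([0xC4, 13]) + b"\0" * 13 + bytes([0xCB, 8]) + b"b\0\0\0\0\0hi"
               + bytes([0xC2, 10]) + b"\0" * 10)
# Signed, then encrypted: PKESK (1) and SEIPD (18); the rest is ciphertext.
ENCRYPTED = bytes([0xC1, 12]) + b"\0" * 12 + bytes([0xD2, 20]) + b"\x01" + b"\xAA" * 19
```
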