Big curiosity

Johan Wevers johanw at vulcan.xs4all.nl
Sun Jun 13 18:58:54 CEST 2021


On 13-06-2021 16:06, knighttemplar5--- via Gnupg-users wrote:

> I have been contemplating subscribing to an email forwarding service
> that will encrypt all the forwarded mails to me with my public key.
> Lets imagine the country where the forwarding takes place can see all my
> emails in plain text and at the same time the same emails PGP encrypted,
> can enough of this data pose a threat to my private key?

What you describe is in cryptography known as a known-plaintext attack.

It can happen in a less obvious way. For example I remember the old Word
Perfect 5 for DOS that had the option to encrypt its files. It did that
by XORing the entire file with your password. However, because the first
few bytes of a WP file were always the same it was trivial to deduct the
password from a file that was encrypted with this method.

So XOR is vulnerable to a known-plaintext attack. However, since this is
a well-known attack (it was already used against the German Enigma code
in WW2), all modern encryption algorithms are tested against this and
will certainly not be put in GnuPG is they are vulnerable to it.

So, in short, the answer to your question is "no, it is not a threat".

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




More information about the Gnupg-users mailing list