[Cialug] dumb gpg question
Kenneth Ristau
kristau at kristau.net
Fri Jul 22 18:14:05 CDT 2005
Don Cady wrote:
> Q1. 'They' being us people (do it manually), or the application(s)?
> Q2. So you end up sending an extra file, or does it all get combined
> into one?
>
> Don
It all gets combined. If you encrypt with multiple keys, the actual
data itself is only encrypted once with what GNUPG refers to as a
session key. The session key is then encrypted with each recipient's
public key and each of those encrypted keys is tacked on to the end (I
believe) of the final file. Crappy ASCII art time:
________________________________________________________________
|Header|Data encrypted w/session key.................|PK1|PK2|PK3|
|______|_____________________________________________|___|___|___|
PKx == session key encrypted with recipient x's public key.
Note: this isn't an exacting representation, just a
pseudo-representation off the top of my head.
Therefore, if you include your own public key while encrypting the file
(target's key is PK1 and your key is PK2), then you can use your own
secret key to decrypt the data. If you ONLY encrypt with PK1, then you
can NOT decrypt the data with your secret key.
later,
kristau
--
Tired programmer
Coding late into the night
The core dump follows
My GNUPG public key is available at http://www.kristau.net/public_key.asc
More information about the Cialug
mailing list