1994-03-03 - Re: Increasing the encrypted/unencrypted ratio (was Re: Insecurity of public key crypto #1 (reply to Mandl))

Header Data

From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
To: ao27+@andrew.cmu.edu
Message Hash: c397ec2ac8c32398122b6f0b4523d3b2b9cfd8034023edf47d8af7b890b69280
Message ID: <9403030024.AA01382@anchor.ho.att.com>
Reply To: N/A
UTC Datetime: 1994-03-03 00:25:51 UTC
Raw Date: Wed, 2 Mar 94 16:25:51 PST

Raw message

From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Wed, 2 Mar 94 16:25:51 PST
To: ao27+@andrew.cmu.edu
Subject: Re: Increasing the encrypted/unencrypted ratio (was Re: Insecurity of public key crypto #1 (reply to Mandl))
Message-ID: <9403030024.AA01382@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> [List could use a PGP key where everybody shares the private key?]

No point.  First of all, anything that everybody on the list has isn't
going to be a secret anyway; it'd get out, and who knows how
many of the subscribers are really spooks anyhow.

Second, the reason for using public-key systems is so you don't have to
distribute secret information - if you're going to do that anyway
you might as well distribute the secret key for a symmetric-key algorithm,
such as "pgp -c".

Third, the newer PGP versions can handle multiple recipients (unless I'm
mixing it up with the plans for the next version?), so you can have
the message encrypted once with one secret key, and N versions of
the secret key (+a random string) encrypted with user i's public key.






Thread