cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1997-08-15 - Re: Encrypting same data with many keys…

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: nospam-seesignature@ceddec.com
Message Hash: fb2d54ed84876ad56baa0be8f4d393cb55afdb6433fd7083eef8f1489a0b0aa1
Message ID: <3.0.2.32.19970815034224.0305a2f0@popd.ix.netcom.com>
Reply To: <Pine.SUN.3.96.970813170421.7599R-100000@beast.brainlink.com>
UTC Datetime: 1997-08-15 10:52:55 UTC
Raw Date: Fri, 15 Aug 1997 18:52:55 +0800

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Aug 1997 18:52:55 +0800
To: nospam-seesignature@ceddec.com
Subject: Re: Encrypting same data with many keys...
In-Reply-To: <Pine.SUN.3.96.970813170421.7599R-100000@beast.brainlink.com>
Message-ID: <3.0.2.32.19970815034224.0305a2f0@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



At 05:01 PM 8/14/97 -0400, nospam-seesignature@ceddec.com wrote:
>On Wed, 13 Aug 1997, Ray Arachelian wrote:
>> Would it not be more secure if it picked a different IDEA session key for
>> each recipient?  Would be slower, but...
>
>If there were random padding, I don't think it would increase the
>security.  PGP uses one conventional key and multiple PK encryptions of
>it, with different padding (I think).  Then you only have one message to
>send out, i.e. pk1,pk2...pkn,convenc instead of pk1,cenc1 pk2,cenc2...

There's really no need - the threat is in the RSA part,
which is that you can solve for the secret message if you've got
one secret message encrypted with a bunch of known public keys.
By using different random padding on the IDEA session key for each
public-key used, you avoid that problem.  

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#   (If this is a mailing list or news, please Cc: me on replies.  Thanks.)

Thread