Re: PGP scripting...
From: Andre Mariën (andre.marien@ubizen.com)
Date: 01/09/03
- Previous message: David Wheeler: "Re: Writing Secure code"
- In reply to: Tom Arseneault: "RE: PGP scripting..."
- Next in thread: Jason Coombs: "RE: PGP scripting..."
- Reply: Jason Coombs: "RE: PGP scripting..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 09 Jan 2003 10:47:55 +0100 From: Andre Mariën <andre.marien@ubizen.com>
Tom Arseneault wrote:
> As for the usage of the key in encryption and decryption, public key
> encryption is very compute intensive so while you could do bulk encryption
> with it whould be very slow.. The usual way things are done is that a
> symmetrical encryption will be used to encrypt a document (DES, 3DES,
> BLOWFISH, etc..., very fast) with a randomly generated key and that key is
> then encrypted with the public key of the person you sending the document
> to. Since only he, through the use of his private key, can decrypt the
> symmetrical key only he can decrypt the document.
Please do not use public key encryption for bulk data, even if
you accept the long times. It is a bad idea. If there are n
possible messgaes, it only takes at most n trials to decrypt
the message, no matter your key size (if the encrypting key is known;
typically it is the public key and it is known).
This problem is justification in itself to have a two stage system
for encryption of bulk data.
(there is someone at counterpane that can explain it in more detail ;-)
- Next message: lsi: "PGP scripting (reprise)"
- Previous message: David Wheeler: "Re: Writing Secure code"
- In reply to: Tom Arseneault: "RE: PGP scripting..."
- Next in thread: Jason Coombs: "RE: PGP scripting..."
- Reply: Jason Coombs: "RE: PGP scripting..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
