Encrypted Web Pages?

F. Fox kitsune.or at gmail.com
Tue Dec 18 01:17:45 UTC 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Martin Fick wrote:
(snip)
> 
> Well, I think that is exactly what you will get 
> if you use pgp or gpg to send an encrypted email 
> to multiple recipients. 
> 
(snip)

IIRC, a GPG message in encrypted only once - even if there's multiple
recipients. It goes like this:

1.) A random key is generated.
2.) The message is encrypted with that random key, plugged into a
symmetric cipher.
3.) That random key is encrypted with the public key of each recipient,
and appended to the message itself.

So, the recipient would reverse that process: Use their private key to
decrypt the random key, and use that in the appropriate symmetric cipher
to decrypt the message.

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBR2cfuej8TXmm2ggwAQhcmg/+OkAyGUcd9+Z/IEZBXKo37aU5417iv6BD
5EhrPpuvENXzNRksgMIrbaLE86LxEc3rMlMEo3hk/fsU8LjmDOFYZiGtNucOmCJs
iblhWt9O3RrpehnSGamBrbuwRwp22cJA/jKdCzDX5UINy+8IT2u99ngTCy1SpXpr
lqSeRJXFkpjIn4LsFu0lNdAZRDrBo3i38FkNQ/1MR5Ko+OmhsBnMpWoa+EzZD8eq
pMyGsRNMAHel+/cHcmcCwZSU884FlO1I5HPPFq5lujFnUW4ZNWi3g//1iTG3FGJI
P0cNsLFqdBoUDKRnK+WpD5kqmMd1JMcsgH0oT45RE96MpdjXcKTape52VVEW6FpD
aUbX3T7e15iykj0Oqh/qF/jlpq6ex/LLcfeaCsDkJR9D+X3LyfTsn/K8Xf/qrh/x
MKLKtDkZen3dmYRvG0JJ3pp9IzRQvyJGeU/d8f8QarUpJ9OEb7luHHnqKZOzT/fw
ns6TbnZEJOA9FTFhez9krm2BZ86b+sJiXm0lbRsBQ8oyKS7ZJKdT0uWkm9f2R1cv
kevKc6gBdMEVRNVZFFRJ3QoHx/KrpJ3oenqyGg+7EPA4ilNiDDZKKTwirxpN+rbs
8215Gm7q5n9Ob0NbXPxX1XSE0VNBwgezZf3O5xDrFmXNIjUninPqmd5TNGQCwTY+
HERZoDanGpI=
=0M1T
-----END PGP SIGNATURE-----



More information about the tor-talk mailing list