Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0

gnu-arch-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0

From:	Andrew Suffield
Subject:	Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0
Date:	Wed, 31 Dec 2003 15:04:26 +0000
User-agent:	Mutt/1.5.4i

On Thu, Jan 01, 2004 at 01:56:46AM +1100, Robert Collins wrote:
> On Thu, 2004-01-01 at 01:52, Aaron Bentley wrote:
> > On Wed, 2003-12-31 at 08:54, Andrew Suffield wrote:
> > 
> > > People have tried to abuse the encryption form for one-to-many
> > > purposes before now (either via a shared secret, which defeats the
> > > point, or via encrypting multiple times, which is an infeasible use of
> > > resources). 
> > 
> > The classic description of public/private key architecture has the
> > public key being used to encrypt a session key.  Couldn't the same
> > session key be encrypted with multiple public keys?  Or is that the
> > "infeasible use of resources"?
> 
> Actually, thats precisely the mechanism used by gpg to encrypt to many
> recipients.

> Note that any recipient can then compromise the
> confidentiality - the shared secret IS the session key.

Well, they can do that anyway, if they can decrypt the data. But here
they can do it anonymously and without compromising their own key.

-- 
  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, (continued)

Prev by Date: Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0
Next by Date: Re: [Gnu-arch-users] Libraries and changesets
Previous by thread: Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0
Next by thread: Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0
Index(es):
- Date
- Thread