GPG and multiple recipients
Dan Ritter
dsr-mzpnVDyJpH4k7aNtvndDlA at public.gmane.org
Thu Oct 16 12:24:24 EDT 2008
On Thu, Oct 16, 2008 at 12:12:06PM -0400, Don Levey wrote:
> use in a data processing environment (the specific one isn't really
> important). The question came up: when encrypting a file, how does it
> handle multiple recipients? I know that multiple addresses can be
> specified (each with their own --recipient tag), and as one output file
> is created clearly it's not just a simple encryption of the input file
> using only the recipient's public key.
>
> One possibility we discussed was that gpg generates its own key,
> encrypts the data with that, and then the recipient's public key is used
> to encrypt the data key and that is then tacked on to the metadata. If
> this is the case, it would explain why the output file grows somewhat
> with each new recipient.
In fact, this is what always happens, one recipient (R) or n recipients
R0..Rn. GPG makes a random key K, encrypts your message M with K, then
sends K(M) + R0(K) +... Rn(K).
http://www.menet.umn.edu/docs/software/pgp/pgp/pgp.html
-dsr-
--
http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference.
You can't defend freedom by getting rid of it.
More information about the Discuss
mailing list