GPG and multiple recipients
Derek Atkins
warlord-DPNOqEs/LNQ at public.gmane.org
Fri Oct 17 09:32:20 EDT 2008
Tom Metro <blu-5a1Jt6qxUNc at public.gmane.org> writes:
> Dan Ritter wrote:
>> Don Levey wrote:
>>> ...gpg generates its own key, encrypts the data with that, and then
>>> the recipient's public key is used to encrypt the data key...
>>
>> In fact, this is what always happens, one recipient (R) or n recipients
>> R0..Rn. GPG makes a random key K, encrypts your message M with K, then
>> sends K(M) + R0(K) +... Rn(K).
>
> Right...because public key encryption is expensive (CPU intensive), so
> they use a symmetric cypher to encrypt the payload, and use PKI to
> encrypt just the symmetric key.
Not only is public key encryption expensive in terms of CPU, it's also
extremely limited in the size of the message you can encrypt. If you
have a 2048-bit RSA key the message you can encrypt is less than 2K!
That rules out most messages. And when PGP first came out people were
using 512-bit keys. Imagine being limited to messages of under 60
bytes. Not very useful.
When PGP 2.0 was released in September, 1992, it could only encrypt a
message to a single recipient, even though it used this same Encrypted
Session Key (ESK) methodolgy. Multiple recipient support was added
shortly thereafter, but I don't recall if that made it into 2.1.1 or
2.2 back in '92-93.
> -Tom
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord-DPNOqEs/LNQ at public.gmane.org PGP key available
More information about the Discuss
mailing list