I'm going to send you a message.
GPG creates a random key from a source of entropy such as /dev/ random. This key is used in a symmetric cipher such as AES128 to encrypt my message.
This symmetric KEY is then ENCRYPTED using your public key and attached to the end of the message.
When you receive the message, you use your private key to DECRYPT the symmetric key and then use the symmetric key to decrypt the message.
Since only your private key can decrypt the attached symmetric key, only you can subsequently decrypt the message.
On Jun 20, 2007, at 11:22 AM, Andrew Berg wrote:
The public key generates a key that symmetrically encrypts the message, which can be deciphered by its corresponding private key. What stops Bob from using Alice's public key to generate a symmetric key that can decrypt her messages?
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
