Hi!

Noiano wrote:
> I was wondering about how gnupg works when I encrypt a message for
> multiple recipients. As far as I know public-key encryption works as
> described in this image
> http://upload.wikimedia.org/wikipedia/commons/f/f9/Public_key_encryption.svg.

This image is a simplified view of public key encryption. Actually, GnuPG (and practically all other implementations) uses a "hybrid" cryptosystem and not "pure" public key encryption.

A hybrid system first generates a random key for a symmetric algorithm (say, AES) and encrypts the message itself with this key (called the "session key"). The session key is then encrypted with the public key of each recipient and all those encrypted session keys are sent along with the message. The recipient then finds the session key packet that was encrypted for his private key, decrypts the session key and uses the session key to decrypt the message itself.

Apart from the nice property that you can encrypt for multiple recipients, this has major advantages in efficiency: The bulk of the data is encrypted with a relatively fast symmetric algorithm and only the short key for that (say, 256 bits = 32 bytes) is encrypted with the very slow asymmetric algorithms. You really wouldn't want to wait for a pure RSA encryption of a few megabytes (and I'm not even sure whether that would be a good idea, security-wise).

cu, Sven

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
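
The scheme described in the reply above, as an added example that is not part of the original message and is not GnuPG's code. It uses the Node.js built-in `crypto` module with RSA-OAEP and AES-256-GCM as stand-ins; the message layout and the `keyId` helper are assumptions for illustration, not the OpenPGP packet format.

```javascript
// Added illustration: one session key, wrapped once per recipient (not OpenPGP's format).
const crypto = require("crypto");

// Hypothetical helper: short identifier derived from a public key.
function keyId(publicKey) {
  const der = publicKey.export({ type: "spki", format: "der" });
  return crypto.createHash("sha256").update(der).digest("hex").slice(0, 16);
}

function encryptForRecipients(plaintext, publicKeys) {
  // One random 256-bit session key encrypts the message body exactly once.
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const tag = cipher.getAuthTag();
  // Only the short session key is encrypted per recipient (RSA-OAEP is Node's default).
  const sessionKeyPackets = publicKeys.map((pub) => ({
    keyId: keyId(pub),
    encryptedKey: crypto.publicEncrypt(pub, sessionKey),
  }));
  return { sessionKeyPackets, iv, tag, body };
}

function decryptAsRecipient(message, privateKey) {
  // Find the session key packet addressed to this key, then unwrap it.
  const myId = keyId(crypto.createPublicKey(privateKey));
  const packet = message.sessionKeyPackets.find((p) => p.keyId === myId);
  if (!packet) throw new Error("no session key packet for this key");
  const sessionKey = crypto.privateDecrypt(privateKey, packet.encryptedKey);
  const decipher = crypto.createDecipheriv("aes-256-gcm", sessionKey, message.iv);
  decipher.setAuthTag(message.tag);
  return Buffer.concat([decipher.update(message.body), decipher.final()]);
}

// Constructed sample: three recipients and one key that was not addressed.
function demo() {
  const newKey = () => crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const [alice, bob, carol, outsider] = [newKey(), newKey(), newKey(), newKey()];
  const text = Buffer.from("constructed sample message ".repeat(1000));
  const msg = encryptForRecipients(text, [alice, bob, carol].map((k) => k.publicKey));
  const readers = [alice, bob, carol].map((k) => decryptAsRecipient(msg, k.privateKey).equals(text));
  let outsiderBlocked = false;
  try { decryptAsRecipient(msg, outsider.privateKey); } catch { outsiderBlocked = true; }
  return { readers, outsiderBlocked, bodyBytes: msg.body.length,
           packetBytes: msg.sessionKeyPackets.map((p) => p.encryptedKey.length) };
}

console.log(demo());
```

The body is stored once regardless of the number of recipients; each extra recipient adds only one RSA-sized session key packet.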