On 07/27/2009 09:41 AM, Ingo Krabbe wrote:
> I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients, you will
> have a f.txt.gpg that contains f.txt 10 times encrypted in 10 different ways.
> Maybe I'm wrong about this point, but I can't think about an encryption
> strategy with mixed recipients.

I believe the way that it works is that the content of the file is
encrypted with a symmetric cipher (against a randomly-generated session
key).  Then, the session key itself is encrypted to the relevant
asymmetric key, and placed in a "Public-Key Encrypted Session Key Packet":

  http://tools.ietf.org/html/rfc4880#section-5.1

So if you encrypt a file to multiple public keys, the encrypted data
only grows by the size of one additional Public-Key Encrypted Session
Key Packet per recipient (about 0.5KB, depending on the algorithms
used).  If you're encrypting a 500K file, an extra ESK packet isn't much
overhead.

        --dkg

Attachment: signature.asc
Description: OpenPGP digital signature
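
An added illustration of the packet layout described in the reply above (not part of the original message and not GnuPG code): a minimal RFC 4880 packet walker that lists each Public-Key Encrypted Session Key packet in front of the single encrypted-data packet. The function names are hypothetical, and the sample message is constructed with dummy bodies sized like an RSA-4096 session-key MPI.

```python
import struct

def _new_len(d, p):
    """New-format length (RFC 4880 4.2.2): return (length, next_pos, partial)."""
    o = d[p]
    if o < 192:
        return o, p + 1, False
    if o < 224:
        return ((o - 192) << 8) + d[p + 1] + 192, p + 2, False
    if o == 255:
        return int.from_bytes(d[p + 1:p + 5], "big"), p + 5, False
    return 1 << (o & 0x1F), p + 1, True          # partial body chunk

def read_packets(d):
    """Yield (tag, body, total_packet_bytes) for each packet in the stream."""
    p = 0
    while p < len(d):
        start, hdr, body = p, d[p], b""
        if not hdr & 0x80:
            raise ValueError(f"bad packet header at offset {p}")
        p += 1
        if hdr & 0x40:                           # new-format header
            tag, partial = hdr & 0x3F, True
            while partial:
                n, p, partial = _new_len(d, p)
                body, p = body + d[p:p + n], p + n
        else:                                    # old-format header
            tag, width = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if width == 8:
                raise ValueError("indeterminate length not handled here")
            n = int.from_bytes(d[p:p + width], "big")
            body, p = d[p + width:p + width + n], p + width + n
        if p > len(d):
            raise ValueError("truncated packet")
        yield tag, body, p - start

def recipient_overhead(d):
    """Return ([(key_id, packet_bytes)] per v3 PKESK, bytes of encrypted data)."""
    pk = [(b[1:9].hex(), n) for t, b, n in read_packets(d) if t == 1 and b[:1] == b"\x03"]
    return pk, sum(n for t, _, n in read_packets(d) if t in (9, 18))

def constructed_message(recipients, payload_len=500 * 1024):
    """Constructed sample: dummy v3 PKESKs (RSA-4096-sized MPI) + one tag-18 packet."""
    out = b""
    for i in range(recipients):
        body = b"\x03" + bytes([i + 1]) * 8 + b"\x01" + struct.pack(">H", 4096) + bytes(512)
        out += b"\x85" + struct.pack(">H", len(body)) + body    # old format, tag 1
    body = b"\x01" + bytes(payload_len)                         # dummy, not real ciphertext
    return out + b"\xd2\xff" + struct.pack(">I", len(body)) + body
```

Calling `recipient_overhead()` on the bytes of a binary (non-armored) `.gpg` file gives the same breakdown, with the key ID each session key was encrypted to.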

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
