While I'm on it, I'd like to add here that GPG doesn't really use passwords like one may think. GPG uses public key cryptography - it doesn't use passwords to protect your files; it uses passwords to protect the keys that decrypt or sign the files. Beneath the covers, GPG actually generates an ephemeral symmetric key used for a cipher such as AES and it's this key that actually encrypts the payload and is also the key that's encrypted by a public key and is attached to the message as the pgp protocol. When encrypting to multiple recipients, multiple encrypted ephemeral keys are attached. The recipient who holds a private key just decrypts their copy of the pad with their key, and then decrypts the payload with that.
The more you know
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
