If everyone involved will have both the public and secret daily keys, I don't see the need for using public cryptography. Just generate all those daily keys¹ as a random 128 bit passphrase each and use a symmetric cipher such as AES.²
It is actually an interesting contemporary phenomenon: there are quite a few instances I've encountered, where the threat model is never properly defined, and therefore the cryptography system architecture is not what fits any particular threat model, and where public key crypto is used where the "common", symmetrical crypto would do the trick quite nicely.
It is my theory that this is happening with such surprising regularity because too many system architects view GPG as a "magic box", without even understanding that in reality it is only a public key crypto "wrapper" around the conventional, symmetric crypto hiding inside. In other words, symmetric crypto is *always used* by their system, if the wrapper around it is used in addition, there better be a justifiable reason for it. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
