-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I wonder if it would be a good idea to have an option to combine
symmetric ciphers, e.g. users could state a preference list like this:
TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES
The meaning of A+B would be to encrypt using A first, and then encrypt
t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
GPG supports the feature of having multiple UIDs per key.
However this requires special care of anyone signing such a key.
AFAIK, there is no really user-friendly, and definitely no
newbie-friendly way to do so. IMO this makes it much harder to expand
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 16.09.2013 23:18, schrieb Ingo Klöcker:
> On Monday 16 September 2013 11:57:04 Doug Barton wrote:
>> The way that your signer did it is _a_ standard way to do it.
>> CAFF is a very popular program for that, and there is another
>> here that is also
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 17.09.2013 08:23, schrieb atair:
> On 9/16/13, Doug Barton wrote:
>> The way that your signer did it is _a_ standard way to do it.
>> CAFF is a very popular program for that, and there is another
>> here that is also pretty good:
>> http://www.phil
Am 17.09.2013 02:09, schrieb Doug Barton:
> On 09/16/2013 03:02 PM, Philipp Klaus Krause wrote:
> | Unfortunately, tools for signing keys with multiple UIDs IMO are not
> | user-friendly enough, tpically due to the following:
> |
> | 1) They require the user to be familiar with t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 10.09.2013 15:30, schrieb Robert J. Hansen:
> On 9/10/2013 6:35 AM, Philipp Klaus Krause wrote:
>> I wonder if it would be a good idea to have an option to combine
>> symmetric ciphers, e.g. users could state a preference li
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 27.10.2013 19:47, schrieb Peter Lebbing:
> On 27/10/13 19:09, Filip M. Nowak wrote:
>> 1) Specialized microcontrollers with crypto capabilities are
>> available and used for years now (AVR XMEGA which is 8 bit for
>> example)
>
> AVR XMEGA has DES
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 10.09.2013 13:45, schrieb Werner Koch:
> You would also need a second public keypair to protect the second
> symmetric key. If you don't, the attacker would target the public
> key scheme directly - ah well that is in any case the lower hanging
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 30.10.2013 18:39, schrieb Robert J. Hansen:
>> Well, here's a (rough, and maybe naive) explanation of why I
>> assumed that the effort is at least max(a, b):
>
> If you first encrypt with ROT10 and then with ROT16, the final
> strength is not the m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 10.09.2013 12:35, schrieb Philipp Klaus Krause:
> I wonder if it would be a good idea to have an option to combine
> symmetric ciphers, e.g. users could state a preference list like
> this:
>
> TWOFISH+AES256 3DES+BLOWFISH+AES AE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Is there a known good way to combine multiple symmetric ciphers into
something that is at least as strong as the weakest of them?
Philipp
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 30.10.2013 23:33, schrieb Philipp Klaus Krause:
> Is there a known good way to combine multiple symmetric ciphers
> into something that is at least as strong as the weakest of them?
>
> Philipp
>
This should have been "...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 30.10.2013 23:51, schrieb Bob (Robert) Cavanaugh:
> I guess I lost track of the initial purpose of this thread. Why do
> you want this if you can only achieve the same cryptographic
> strength as one of the ciphers? What problem are you solving?
T
I'm currently using 4 email addresses - 1 for private mail, 1 for a
small business, and 2 for university. Currently I have three keys - one
for the private mail, one for the business, and one for unversity. Each
of the keys has been signed with all keys.
Of course it is annoying to have to ask eve
Am 23.07.2013 21:04, schrieb Heinz Diehl:
> On 23.07.2013, Philipp Klaus Krause wrote:
>
>> Of course it is annoying to have to ask everyone to sign three keys -
>> after all they are all my keys, and the people I ask to sign my key all
>> get to see the same pas
Am 23.07.2013 23:22, schrieb Max Parmer:
>
> Sounds like you might want an offline master key with a couple UIDs and
> several subkeys.
>
But can I have multiple encryption subkeys, with encryption subkeys
associated with UIDs? I though one subkey per UID only works for signing.
> Also if I di
Am 23.07.2013 23:22, schrieb Max Parmer:
>
> Sounds like you might want an offline master key with a couple UIDs and
> several subkeys.
>
But can I have multiple encryption subkeys, with encryption subkeys
associated with UIDs? I one subkey per UID only works for signing.
> Also if I didn't tr
Hmm, since everyone seems to think "He doesn't consider the unviersity
computer secure enough for something, so he shouldn't consider it secure
enough for anything", it seems I'm failing and communicating what I want
to do. Maybe having a look at the following scenario will help:
I have three comp
Am 24.07.2013 08:35, schrieb Heinz Diehl:
> On 24.07.2013, Philipp Klaus Krause wrote:
>
>> I do not trust the computer at university with the secret key used to
>> decrypt my private mail.
> []
>
>> Still, I want to be able to read any encrypted mail sent t
Am 24.07.2013 15:18, schrieb Mark H. Wood:
> On Wed, Jul 24, 2013 at 11:33:18AM +0200, Philipp Klaus Krause wrote:
>> I just want multiple security levels: Decrypt mail addressed to the
>> university address, but not mail addressed to my private address on the
>> university c
it was intended for the list.
>
>> On 7/24/2013 1:53 AM, Philipp Klaus Krause wrote:
>>
>> Unfortunately, this is not casting very much light on things. The use
>> of phrases like CONFIDENTIAL, SECRET and TOP SECRET have very specific
>> meanings in NATO countrie
Am 03.08.2013 14:51, schrieb Hauke Laging:
> Am Sa 03.08.2013, 12:16:56 schrieb ix4...@gmail.com:
>
>> On 30 July 2013 22:30, wrote:
>
>>> I only need one GPG identity for now. I also use GPG on devices of two
>>> classes: "Secure" and "insecure". I would like to take some operational
>>> securi
Am 06.11.2017 um 23:26 schrieb ved...@nym.hush.com:
>
>
> On 11/6/2017 at 4:55 PM, "Tim Steiner" wrote:
>
> \We have been working on a project to build a direct interface for
> PGP/GPG usage using U2F for web apps and browser extensions. This is
> similar to existing smart cards and tokens but
Am 20.05.2018 um 08:26 schrieb Robert J. Hansen:
> Writing just for myself -- not for GnuPG and not for Enigmail and
> definitely not for my employer -- I put together a postmortem on Efail.
> You may find it worth reading. You may also not. Your mileage will
> probably vary. :)
>
> https://med
Am 05.06.2018 um 02:37 schrieb NIIBE Yutaka:
> Hello,
>
> While learning Chinese language, I found this service (in Chinese):
>
> http://www.pcbcopy.com/2016/ic_1128/1928.html
>
> IIUC, It's a company in ShenZhen, which offers a service reading out
> from protected STM32F103, even if it uses
There has been plenty of research on email security and the need for
encryption is well-known.
However, I wonder if there has been any research on mail security. Of
course, one could just put a GPG-encrypted letter in an ordinary
envelope, but there are more common measures that are meant to give
While having OpenPGP support directly in Thunderbird is probably a good
thing, I found it convenient to just use the gpg kerys for Email
encryption and signing (and conversely, being able to just use keys
imported via Enigmail to encrypt files using gpg).
It would be really nice, if Thunderbird cou
Am 11.10.19 um 20:15 schrieb Phillip Susi:
> Why the heck don't they just run gpg the way enigmail did?
>
They don't want users to require to install gpg first. And they don't
want to ship gpg with Windows installers, since it isn't MPL.
Philipp
signature.asc
Description: OpenPGP digital sig
28 matches
Mail list logo
