-----BEGIN PGP SIGNED MESSAGE----- Paul Franklin <franklin@sl9.sr.hp.com> writes:
To create such a file, we would simply create as PGP usually does, except that we specify or record the conventional IDEA key used. Then to decrypt the file, we simply ignore the RSA headers and use the specified or recorded conventional IDEA key. We could even insure that the IDEA key in the RSA encrypted headers is wrong. So, obiwan can not reveal the data even if Darth can seize him.
I have created a hack to PGP ui to do all of the above!
Isn't this what pgp -c does?
No pgp -c creates a conventionally encrypted file that appears to be a conventionally encrypted file. If you run such a file thru pgp, pgp will report that it is a conventionally encrypted file even if you do not know the password. If you have such a file Darth Vader will assume that you can decrypt it. My hack allows you to created a file which appears to be pgp public key encrypted to someone else, but which you also (or perhaps you only) can decrypt. (Because you have specified or recored the conventional idea key.) Hopefully, Darth will be fooled in to thinking that you can not decrypt the file. -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLmjPoQ2Gnhl89QSNAQH4qQP/WBMRdSbT6j9G4CgQOt1glM3SO10KfId1 v0dlLAD763sYy7rLPwueoNIUXYjsibMkP1/dBX+BRcjKJLGxNVo/E7weZDOBgwck 1NlpjG+kVQH35NRvmBfecRF/PsPoYu+utHfDTZ0ntQSAj0zb7EFLl0XI5ULYqFNU y8KnEG8GhzI= =RC+G -----END PGP SIGNATURE-----