appropriate algorithm for application

Scott McGuire svmcguir at syr.edu
Thu Aug 8 18:09:31 PDT 1996


-----BEGIN PGP SIGNED MESSAGE-----

>Scott McGuire wrote
>>

... stuff deleted ...

>>
>> 
>> Why not just encrypt the files with regular, single key encryption and only
use
>> the public-key encryption on a master file holding a copy of all the
individual
>> keys?  This would be faster right?
>
>The main reason is so that anyone can generate new keys as and when
>they please. The master key is not required for key generation, which
>makes it more secure (ie. it spends more of its time in the safe) and
>practical (the master key may be in a different building).
>
>Gary
>--
>pub  1024/C001D00D 1996/01/22  Gary Howland <gary at systemics.com>
>Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
>^S
>^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T

If the master file (or say master directory with one keyfile for each
encrypted file) is encrypted with public key encryption, than anyone with the
master public key can add a new encrypted file key but only the person with
the master private key can remove one of those keys.

Now that I think about it, this is like having each user encrypt their file
with a conventional key and sending a PGP encrypted message with the key they
used to the maintainer of the master file.  Of course if you don't trust the
users to give up a copy of the key, you would need to automate the procedure.

Scott

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv

iQCVAwUBMgpQiN7xoXfnt4lpAQEBfwQAuHXSGhgWXr1S7gEKWH9iygLlSrioGjoz
/4+kqXKW/Q1ygDub0W3Tdr54uHaltAD8V/uk539i2ToTA0HQwaQ/jQq4eyRWrASl
bW1e5VWkJrKOm3J1qDSfIcoD7ACygwMb2Fxmp1w0GQ5uOOwjH8bow7YGMVPZKa/C
pDLIbjT36bM=
=18an
-----END PGP SIGNATURE-----







More information about the cypherpunks-legacy mailing list