Encrypting same data with many keys...

Bill Stewart stewarts at ix.netcom.com
Fri Aug 15 03:52:55 PDT 1997

At 05:01 PM 8/14/97 -0400, nospam-seesignature at ceddec.com wrote:
>On Wed, 13 Aug 1997, Ray Arachelian wrote:
>> Would it not be more secure if it picked a different IDEA session key for
>> each recipient?  Would be slower, but...
>If there were random padding, I don't think it would increase the
>security.  PGP uses one conventional key and multiple PK encryptions of
>it, with different padding (I think).  Then you only have one message to
>send out, i.e. pk1,pk2...pkn,convenc instead of pk1,cenc1 pk2,cenc2...

There's really no need - the threat is in the RSA part,
which is that you can solve for the secret message if you've got
one secret message encrypted with a bunch of known public keys.
By using different random padding on the IDEA session key for each
public-key used, you avoid that problem.  

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#   (If this is a mailing list or news, please Cc: me on replies.  Thanks.)

More information about the cypherpunks-legacy mailing list