[Enigmail] use of openPGP
Rich Wales
richw at richw.org
Thu Sep 27 08:31:49 PDT 2007
James Kosin wrote:
> I'm missing a word here for forward and reverse working in the
> cryptic language.

Asymmetric. That is, the same key does NOT work for BOTH encryption
and decryption; the two keys (public and private) work as a pair, and
whichever one was used to encrypt, you need the other to decrypt.

> In fact you can't even read the message you sent without telling
> enigmail you want to encrypt to self also. In which case I believe
> it sends another copy encrypted with your public and secret keys to
> be readable by you.

Not quite. The real story is a bit more complicated than this.

First, the main body of the message is encrypted using a "symmetric"
encryption scheme (where the same key is used to encrypt and decrypt).
The key used for this symmetric encryption is NOT anyone's public or
private key; it's a randomly generated "session key" that is used only
for one message and is then thrown away.

In addition to the main body, encrypted using the "session key", the
PGP message also includes a section where the session key is itself
encrypted using the recipient's public key. So when the encrypted
message arrives in the recipient's e-mail, he uses his private key to
decrypt the session key -- and then uses the session key to decrypt
the main body of the message.

This two-step process is all done as a single operation by GnuPG, of
course, so you don't really need to mess with the separate steps -- it
all gets done automatically for you.

If a message is intended for two or more recipients -- including the
case where you send something encrypted for yourself as well as for
some other person -- the encrypted message contains ONE copy of the
main message body (encrypted using a symmetric algorithm), plus TWO
(or more) copies of the session key, each encrypted using a different
person's public key. Each intended recipient can then decrypt one
copy of the session key, and, having the session key, can go on to
decrypt the actual message.

There are two reasons why this two-step process is used:

(1) Public-key encryption algorithms are VERY slow, so it makes sense
    to use a public-key scheme to encrypt just a small piece of info
    (namely, a session key), and then use the session key to encrypt
    and decrypt the main body of the message (symmetric encryption
    schemes are very fast).

(2) Using a two-step process makes it feasible to construct a single
    message that can be decrypted by two or more people, as described
    above.

And, BTW, the system is designed so that even if I can decrypt my own
copy of the session key, that doesn't give me any clue at all that I
could use to crack the private key of any other recipient of the same
message.

- --
Rich Wales === Palo Alto, CA, USA === richw at richw.org
http://www.richw.org === http://en.wikipedia.org/wiki/User:Richwales
"The difference between theory and practice is that, in theory,
theory and practice are identical -- whereas in practice, they aren't."
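
The two-step scheme described in the message above, as an added example that is not part of the original post and is not GnuPG's or Enigmail's code. It assumes toy stand-ins: unpadded textbook RSA over small constructed primes in place of a real public-key algorithm, and a SHA-256 counter keystream in place of a real symmetric cipher; all function and key names are hypothetical.

```python
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Toy textbook RSA from two primes: returns (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))          # private exponent
    return {"n": n, "e": e}, {"n": n, "d": d}

# Constructed demo keys built from Mersenne primes. NOT secure, illustration only.
ALICE = make_keypair(2**89 - 1, 2**107 - 1)
BOB = make_keypair(2**61 - 1, 2**127 - 1)
EVE = make_keypair(2**521 - 1, 2**607 - 1)      # not a recipient

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with SHA-256(key || offset) blocks.
    The same call encrypts and decrypts (same key both ways)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def encrypt_message(plaintext: bytes, public_keys: dict) -> dict:
    """ONE encrypted body plus one wrapped session key per recipient."""
    session_key = secrets.token_bytes(16)       # random, used for this message only
    m = int.from_bytes(session_key, "big")
    return {
        "wrapped_keys": {name: pow(m, pk["e"], pk["n"])
                         for name, pk in public_keys.items()},
        "body": keystream_xor(session_key, plaintext),
    }

def decrypt_message(message: dict, name: str, private_key: dict) -> bytes:
    """Step 1: unwrap the session key with a private key. Step 2: decrypt the body."""
    m = pow(message["wrapped_keys"][name], private_key["d"], private_key["n"])
    # A wrong private key yields an unrelated number; reduce it to 16 bytes so the
    # result is simply garbage (real OpenPGP padding checks would reject it instead).
    session_key = (m % (1 << 128)).to_bytes(16, "big")
    return keystream_xor(session_key, message["body"])

if __name__ == "__main__":
    msg = encrypt_message(b"encrypt to self and to Bob", {"alice": ALICE[0], "bob": BOB[0]})
    print(len(msg["wrapped_keys"]), "wrapped session keys, 1 body")
    print(decrypt_message(msg, "alice", ALICE[1]))
    print(decrypt_message(msg, "bob", BOB[1]))
```
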