Re: Digital signature in muLinux - tests wanted

From: Michele Andreoli ([email protected])
Date: Thu Nov 09 2000 - 13:44:29 CET


On Thu, Nov 09, 2000 at 02:23:09AM +0000, [email protected] nicely wrote:
> Hello all.
>
> On 2000-11-08 [email protected] said:
>
> mu>You can use PGP to decrypt, using the passphrase "mulinux".
> mu>Is is true: this is my first real usage of the IDEA cryptography.
> mu>(Ok, in this case this is not true "cryptography", but a sort
> mu>of "steganography", or "cryptography against the baby" :-) )
>
> Yes, it works.
> And it is true encryption but with no public key. It uses a
> secret key, the passphrase. But now that key isn't secret
> anymore. :-)

Yes: it is a "single purpose" passphrase. Did you decryped
successful?

>
> mu>I would like to ask to Lars Nordstrom, own crypto-guy on the list,
> mu>if there is a simple way to generate a key for the address
> mu>[email protected]
> mu>so every subscriber can read/send PGP encrypted message. How
> mu>to handle a such mechanism? What kind of hand-shake is required
> mu>beetween us, the subscribers?
>
> AFAIK, this will be complicated and clumsy. I've seen
> discussions on this subject in comp.security.pgp.discuss and
> decided not to try it. :-)
>
> PGP isn't designed to do this but can be used in several ways:
>
> Each member of the list have the same secret key to decrypt the
> messages which means it's not secret at all.

Obviuosly. The trick has a very limited usage: in theory, it protect the
mailing-list subscriber

>
> To decrypt a message on my own computer takes several seconds
> and I have to write the passphrase for each one. For the
> relatively low volume on this list it could be done for a few
> days before I get tired of it. On a high volume list, well...

Yes. A unusefull complication, meaningfull only in a context where
a lot of people like to experiment with cryptography.

Michele

-- 
"I'd like to conclude with a positive statement, but I can't remember any.
Would two negative ones do?"			-- Woody Allen
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]


This archive was generated by hypermail 2.1.6 : Sat Feb 08 2003 - 15:27:16 CET