Re: separation of signed and encrypted messages

"Michael Young" <mwy-opgp97@the-youngs.org> Tue, 16 October 2001 15:53 UTC

Message-ID: <008201c15657$4b6f1880$dfc32609@transarc.ibm.com>
From: Michael Young <mwy-opgp97@the-youngs.org>
To: ietf-openpgp@imc.org
References: <OE58s955E3yIyEOadke00001939@hotmail.com>
Subject: Re: separation of signed and encrypted messages
Date: Tue, 16 Oct 2001 11:29:06 -0400

-----BEGIN PGP SIGNED MESSAGE-----

> but is there any way to do it, short of rewriting gpg, pgp to include a -d
> command similar to the -d command of 2.6.3?

It doesn't appear that GnuPG has such a switch now.  But it would
be easy to build.

> one could simply {from a remote area, without anyone needed to 'witness'
> the decryption process}
> separate it into the armored signed file, and release that to the
> 'authorities', and show that it had to have come from
> the specific signed and encrypted e-mail in question.

No.  The message(+signature) contents are symmetrically encrypted.
There is no way to prove that the plaintext generates that specific
ciphertext without giving up the session key.  Demonstrating
a decrypted signature or MDC shouldn't convince anyone that the
full plaintext matches that ciphertext.

If you're willing to show the plaintext, why do you care about
protecting the session key?  Are you reusing it?  This might be an
issue for a PGPdisk, for example, where one symmetric key protects the
entire contents...  you can't reveal+prove selected parts.  It
shouldn't be for ordinary OpenPGP uses.  Are you afraid that
your randomness source has been compromised, such that other
session keys could be deduced?  If so, you have a serious problem.

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

-----END PGP SIGNATURE-----
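
Added example, not part of the original message: a Python sketch of the argument in the reply above, showing that a check on the MDC alone never touches the ciphertext, while a check with the disclosed session key does. The cipher is a toy SHA-256 counter-mode stream standing in for the real symmetric cipher, the MDC is simplified to SHA-1 over the plaintext, the public-key wrapping of the session key is left out, and all names and sample data are constructed for illustration.

```python
import hashlib
import hmac
import os

def mdc(plaintext: bytes) -> bytes:
    # Simplified MDC (assumption): SHA-1 over the plaintext only.
    return hashlib.sha1(plaintext).digest()

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode); XOR makes it its own inverse.
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(session_key: bytes, plaintext: bytes) -> bytes:
    # Plaintext and its MDC are encrypted together under the session key.
    return _xor_stream(session_key, plaintext + mdc(plaintext))

def check_mdc_only(claimed: bytes, shown_mdc: bytes) -> bool:
    # What a third party can verify without the session key.
    # The ciphertext is not an input, so nothing ties the claim to it.
    return hmac.compare_digest(mdc(claimed), shown_mdc)

def check_with_session_key(ciphertext: bytes, session_key: bytes,
                           claimed: bytes) -> bool:
    # With the session key the verifier decrypts the ciphertext itself
    # and compares the result with the claimed plaintext.
    body = _xor_stream(session_key, ciphertext)
    plaintext, tag = body[:-20], body[-20:]
    return (hmac.compare_digest(tag, mdc(plaintext))
            and hmac.compare_digest(plaintext, claimed))

# Constructed sample data.
SESSION_KEY = os.urandom(16)
REAL = b"Meet at noon."
OTHER = b"Transfer the funds today."
CIPHERTEXT = encrypt(SESSION_KEY, REAL)

if __name__ == "__main__":
    # An unrelated plaintext passes the MDC-only check with its own MDC.
    print("MDC only, other text:   ", check_mdc_only(OTHER, mdc(OTHER)))
    # Only the session key ties a plaintext to this ciphertext.
    print("session key, real text: ",
          check_with_session_key(CIPHERTEXT, SESSION_KEY, REAL))
    print("session key, other text:",
          check_with_session_key(CIPHERTEXT, SESSION_KEY, OTHER))
```
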