[ILUG] Question on an encryption system (using OSS)
Proinnsias Breathnach
proinnsias at linux.ie
Tue Sep 13 13:18:29 IST 2005
On Tue, Sep 13, 2005 at 01:07:23PM +0100, Braun Brelin wrote:
> One issue I'm not clear on is the encrypted file itself. In order for me to
> be able to distribute
> the file via P2P to multiple people, i can't have a system where each
> users's encrypted file is different, otherwise the P2P model doesn't work
> for distribution. so, i need a method whereby
> the encrypted file is the same, but the users keys are different...
>
> Braun
That's the point of John's post. To have a single encryption for the
file, you have to hand out your secret key (used to encrypt it). This is
because you don't know the users' keys in advance.
You could encrypt it to a set of anonymous user keys, and hand out one
each to the users. But this, again, provides the users no incentive to
keep the key to themselves. (Many keys can unlock the software
approach).
The best way is to encrypt on a per user basis, using their keys (the
one they care about not giving out). The problem is then that it can't
really work too well on P2P networks. John's solution is quite elegant -
especially if coupled with a memory-resident method of decryption on the
user side. This decryption being based upon the users' personal gpg key
(the one they won't leak on P2P)
P
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.linux.ie/pipermail/ilug/attachments/20050913/b5eb87af/attachment.pgp
More information about the ILUG
mailing list