AW: [Mailman-Developers] Secure Mailing Lists
Brad Knowles
brad.knowles at skynet.be
Fri Nov 28 04:21:01 EST 2003
At 9:53 AM +0100 2003/11/28, Dietmar Maurer wrote:

> Sorry, I don't understand that suggestion. You want to put several
> encrypted messages into one mail?

No.

> (I don't know much about public key
> systems). That would increase the size of the message? Or is it possible
> to encrypt a message once so that several people can decrypt it?

Your latter question gets to the point. You encrypt the message
once with the session symmetric key, and then you encrypt the session
symmetric key once for each recipient public key. Each recipient
uses their private key to decrypt the session symmetric key, which is
then used to decrypt the message.

Fortunately, PGP makes all this transparent to the recipients.

The resulting message is somewhat larger, because you've encrypted
the session symmetric key for each recipient public key, but this is
usually a relatively small expansion and since PGP has built-in
compression, this is not usually too much of a loss.

If you had a large number of recipients, this might become more
of an issue. In that case, you might want to do this function in
smaller batches.

The only disadvantage with this approach is that you can see what
keyids a message is encrypted for, and this allows someone to do
traffic analysis (see who is talking to whom). If this was an issue
of concern, then this is something that should be configurable on a
per-list basis.

--
Brad Knowles, <brad.knowles at skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
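
Added example (not part of the original post): a minimal Python parser for the OpenPGP packet layout in RFC 4880 that reports the recipient key IDs visible in an encrypted message and the bytes the per-recipient session-key packets add, the two effects described in the message above. The key IDs and packet bodies are constructed sample data, and only new-format, definite-length packets are handled; the all-zero key ID is the RFC's wildcard value, which GnuPG writes when run with `--throw-keyids`.

```python
import struct

def new_packet(tag, body):
    """Serialize a new-format packet (RFC 4880 s4.2.2); bodies under 8384 bytes only."""
    n = len(body)
    length = bytes([n]) if n < 192 else bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return bytes([0xC0 | tag]) + length + body

def pkesk(key_id, wrapped):
    """Tag 1 packet: version 3, 8-byte key ID, algorithm 1 (RSA), one MPI."""
    mpi = struct.pack(">H", int.from_bytes(wrapped, "big").bit_length()) + wrapped
    return new_packet(1, b"\x03" + key_id + b"\x01" + mpi)

def packets(data):
    """Yield (tag, body, total_size) for new-format, definite-length packets."""
    i = 0
    while i < len(data):
        if data[i] & 0xC0 != 0xC0:
            raise ValueError("old-format packet: not handled in this example")
        tag, first, start = data[i] & 0x3F, data[i + 1], i
        if first < 192:                      # one-octet length
            n, i = first, i + 2
        elif first < 224:                    # two-octet length
            n, i = ((first - 192) << 8) + data[i + 2] + 192, i + 3
        elif first == 255:                   # five-octet length
            n, i = struct.unpack(">I", data[i + 2:i + 6])[0], i + 6
        else:
            raise ValueError("partial body length: not handled in this example")
        yield tag, data[i:i + n], i + n - start
        i += n

def audit(message):
    """Return (visible key IDs, hidden-recipient count, bytes of session-key packets)."""
    visible, hidden, overhead = [], 0, 0
    for tag, body, size in packets(message):
        if tag == 1 and body[:1] == b"\x03":
            overhead += size
            if body[1:9] == bytes(8):        # all-zero key ID: recipient not named
                hidden += 1
            else:
                visible.append(body[1:9].hex().upper())
    return visible, hidden, overhead

BODY = new_packet(18, b"\x01" + bytes(1000))   # constructed stand-in for the encrypted body
KEY_IDS = ["11" * 8, "22" * 8, "00" * 8]       # constructed; the last one is zeroed
SAMPLE = b"".join(pkesk(bytes.fromhex(k), b"\xaa" * 256) for k in KEY_IDS) + BODY

if __name__ == "__main__":
    print(audit(SAMPLE))
```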