write ch10

Heiko Schaefer 2023-11-18 23:13:09 +01:00
parent 7d7a291415
commit 01739af17c
No known key found for this signature in database
GPG key ID: DAE9A9050FCCF1EB

@ -14,8 +14,8 @@ Encryption in OpenPGP uses a [hybrid cryptosystem](hybrid_cryptosystems).
This means that two distinct steps are performed:
- Encryption of the plaintext with a (secret) symmetric key. The (potentially large) payload only needs to be stored once: all recipients use the same symmetric key, and all of them can decrypt the same symmetrically encrypted ciphertext.
- This symmetric key is then stored in encrypted form, possibly multiple time, once for each recipient.
- Encryption of the plaintext with a (secret) symmetric key, the *message key*. The (potentially large) payload only needs to be stored once: all recipients can decrypt the same symmetrically encrypted ciphertext, using this single message key.
- This symmetric message key is then stored in encrypted form, possibly multiple times, once for each recipient.
- Usually, the symmetric key is encrypted to a public encryption component key of the recipient.
- Alternatively - or additionally - the secret symmetric key may also be encrypted using a passphrase, in place of an asymmetric key. This is a specialized and less commonly used mode of operation that doesn't require OpenPGP certificates.
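
Review bot: The two sub-bullets left unchanged at the end of this hunk still say "the symmetric key" and "the secret symmetric key", while the rewritten bullets above them now introduce and use the term *message key*. A reader can take these for two different keys. Suggest carrying the new term through, e.g. "Usually, the message key is encrypted to a public encryption component key of the recipient" and "the message key may also be encrypted using a passphrase". The new first bullet also keeps "(secret) symmetric key" in parentheses right before defining the term; if the parenthetical is only there to stress that the key is secret, it could be dropped or folded into the definition so the sentence defines the term once.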