diff --git a/book/source/10-encryption.md b/book/source/10-encryption.md index ce7bbff..b21cc27 100644 --- a/book/source/10-encryption.md +++ b/book/source/10-encryption.md @@ -84,6 +84,13 @@ Version 1 SEIPD can only be combined with either [version 3 PKESK](https://www.i When communicating with a mix of recipients, some of whose OpenPGP software only supports OpenPGP version 4, then this mechanism must be used. +```{figure} drawio/SEIPDv1-PKESK.png +:name: fig-encryption-seipdv1-pkesk +:alt: Depicts a dotted hexagon labeled "Plaintext", from which a curved arrow passes another dotted hexagon "Session Key" and finally points to a "SEIPDv1" packet. Two more curved arrows originate from the session key and pass Alice' and Bob's encryption key, ending in two PKESK packets. + +With SEIPDv1, the session-key is directly used as message-key to encrypt the payload +``` + ## Handling encrypted session keys: PKESK, SKESK "*ESK" is a family of mechanisms for dealing with symmetric key material. It has two branches: diff --git a/book/source/drawio/SEIPDv1-PKESK.drawio b/book/source/drawio/SEIPDv1-PKESK.drawio new file mode 100644 index 0000000..ff0732b --- /dev/null +++ b/book/source/drawio/SEIPDv1-PKESK.drawio @@ -0,0 +1,70 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/book/source/drawio/SEIPDv1-PKESK.png b/book/source/drawio/SEIPDv1-PKESK.png new file mode 100644 index 0000000..cb8d040 Binary files /dev/null and b/book/source/drawio/SEIPDv1-PKESK.png differ
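Review bot: In the `:alt:` line of the figure added to 10-encryption.md, "Alice' and Bob's encryption key" should read "Alice's and Bob's encryption keys", since the arrows pass two separate keys and end in two PKESK packets. The caption hyphenates "session-key" and "message-key", while the alt text and the heading that follows write "Session Key" and "session keys" without a hyphen; suggest "With SEIPDv1, the session key is used directly as the message key to encrypt the payload." with a closing period. The paragraph above the figure says version 1 SEIPD can be combined with "either" of two ESK types, but the figure and its `:name:` cover only PKESK, so the caption should say that it shows the PKESK case.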
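Review bot: For the new SEIPDv1-PKESK.drawio and SEIPDv1-PKESK.png pair, the PNG is committed as a binary next to its source and nothing in this patch says how it was exported, so the two can drift apart on later edits. Suggest documenting the export step, or generating the PNG at build time, and checking that the rendered labels match the alt text in 10-encryption.md ("Plaintext", "Session Key", "SEIPDv1").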