ietf-openpgp
[Top] [All Lists]

Re: Split Implementations of PGP

2005-03-15 17:41:06

Jon Callas wrote:

On 12 Mar 2005, at 3:24 AM, Ingo Luetkebohle wrote:

Even better would be to have individually encrypted parts.  This is
possible with PGP/MIME but not current practice.  Trouble being, of
course, that the sender would have to know this is in advance.


Better for whom?

One of the reasons that practice is to not have individually encrypted parts is that that has not been considered as good, meaning not as secure. It isn't as convenient for an entity who doesn't have the keys to process such a message, and that's been considered a feature rather than a bug.

I'm struggling to understand this - how does this make it any easier for an attacker? (Other than log_2(n), where n is the number of parts, for the brute force attack).

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff