Encryption within 'groups' - PGP

This is a discussion on Encryption within 'groups' - PGP ; Hi, This is a totally newbie question, so I probably have the terminology wrong. However I hope someone can see what I'm getting at: Asymmetric encryption has the problem of person -> person communication down pat. Share public keys, keep ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Encryption within 'groups'

  1. Encryption within 'groups'

    Hi,

    This is a totally newbie question, so I probably have the terminology
    wrong. However I hope someone can see what I'm getting at:

    Asymmetric encryption has the problem of person -> person communication
    down pat. Share public keys, keep private keys.

    From what I recall from my reading of the PGP User Guide some years
    ago, you can also send a message from a group of people -> one
    recipient, right? Like split the authority of a key across a bunch of
    people so each has to sign.. something like that.

    I was wondering, is there a commonly-agreed upon way to send a message
    from one person to members in a group without encrypting it individually
    for each? The only thing I can think of is a shared private key--or a
    shared passphrase and using just symmetrical encryption--but both share
    the problem of a key/password being compromised. I guess whatever method
    is used, the message itself it always prone to be leaked by an
    individual member of the group, but I was just wondering whether people
    have implemented ways to approach this problem.

  2. Re: Encryption within 'groups'

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Firas wrote:

    > Hi,
    >
    > This is a totally newbie question, so I probably have the terminology
    > wrong. However I hope someone can see what I'm getting at:
    >
    > Asymmetric encryption has the problem of person -> person communication
    > down pat. Share public keys, keep private keys.
    >
    > From what I recall from my reading of the PGP User Guide some years
    > ago, you can also send a message from a group of people -> one
    > recipient, right? Like split the authority of a key across a bunch of
    > people so each has to sign.. something like that.
    >
    > I was wondering, is there a commonly-agreed upon way to send a message
    > from one person to members in a group without encrypting it individually
    > for each? The only thing I can think of is a shared private key--or a
    > shared passphrase and using just symmetrical encryption--but both share
    > the problem of a key/password being compromised. I guess whatever method
    > is used, the message itself it always prone to be leaked by an
    > individual member of the group, but I was just wondering whether people
    > have implemented ways to approach this problem.


    You can encrypt to multiple recepients quite easily, since PGP is not purely
    assymetric but a hybrid whereby the bulk of the message is encrypted
    symmetrically. So you only add a little to the length of the message by
    selecting multiple keys. However, what you seem to be talking about is
    share split. You can right click on a key and go share split, at least if
    you have the right version, and then you simply select how many pieces to
    split it into and how many are needed to use the key. So if you set the
    second number to 1, everyone can use the key. Different parts can have
    different passphrases.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (GNU/Linux)

    iD8DBQFAn7cBseVxKm0DPWERAmPYAJ91op3uulWtqI/9Qib5kAlMDSKSEwCcD3K3
    ism4C19wbOv++zZ20PZVJ9Q=
    =3c31
    -----END PGP SIGNATURE-----

  3. Re: Encryption within 'groups'

    MikeyD wrote:
    > You can encrypt to multiple recepients quite easily, since PGP is not purely
    > assymetric but a hybrid whereby the bulk of the message is encrypted
    > symmetrically. So you only add a little to the length of the message by
    > selecting multiple keys


    Wow, that's what I was looking for! Thanks, I figured out how to do it.

  4. Re: Encryption within 'groups'

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Firas wrote in news:2g9kjhF6ku4U1@uni-berlin.de:

    > Hi,
    >
    > This is a totally newbie question, so I probably have the terminology
    > wrong. However I hope someone can see what I'm getting at:
    >
    > Asymmetric encryption has the problem of person -> person communication
    > down pat. Share public keys, keep private keys.
    >
    > From what I recall from my reading of the PGP User Guide some years
    > ago, you can also send a message from a group of people -> one
    > recipient, right? Like split the authority of a key across a bunch of
    > people so each has to sign.. something like that.
    >
    > I was wondering, is there a commonly-agreed upon way to send a message
    > from one person to members in a group without encrypting it
    > individually for each? The only thing I can think of is a shared
    > private key--or a shared passphrase and using just symmetrical
    > encryption--but both share the problem of a key/password being
    > compromised. I guess whatever method is used, the message itself it
    > always prone to be leaked by an
    > individual member of the group, but I was just wondering whether people
    > have implemented ways to approach this problem.


    This may not be what you are thinking of, but I would suggest using PGP
    Groups. You can create a group that contains all the public keys of the
    group membership, and then encrypt to all by just selecting the group to
    encrypt to. If you are using an email plug-in, you can have an email
    distribution list of the same name and membership, and then email to all
    by just emailing to that distribution group - selecting encryption will
    then also encrypt to all of the group. When doing this via an official
    email plug-in, or Current Window usage, only one symmetric encryption is
    used for all recipients.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0.3
    Comment: My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

    iQEVAwUBQJ/8nmDeI9apM77TAQJcWAf/fX00LWkKxwPtv7klbgoQcOfbXuNqst+j
    sx6/cRdAYieqC9Sbzg4XTiGKhiFhXRiPkaNlJllSoKiPUc1r3pWrNF AvMF8RCrNJ
    DfEIYFxQ959TUhCMfhkuzsQQl1gdF3gDxwK3pHwzcQzjkHVr/k2hwPcPyXEx7nSQ
    I7EMATJxBL/yOnjoTXXZBppK1hhGmvBAm9uxBIPIBxdRKoNqsMtzqGcRh2x0j ru+
    KRFLNx0bHPjJy1gUMJvR4892uVNJ9cSsF2GVOzVCAcjHOrYT5I F9vdajkBEmUEc3
    ZBbt5lGKn1j76wB+trx27Ec4SDb+1UYAmPCc60lxkv4zVQSEVk gUBg==
    =koXm
    -----END PGP SIGNATURE-----

+ Reply to Thread