> Is it true to say then, > that if you wanted someone to be able to decrypt a > (symmetrically encrypted) file, they'd need to know the algorithm used, > the key and they'd also have to use the same program to decrypt as used > to encrypt the file?
Not quite. In general: you shouldn't base the security on the secrecy of the methods used (algorithm, implementation, ...). Besides, when using a program which implements a documented standard, it doesn't matter what actual implementation of the standard you (or the attacker) use(s). The security should depend on the secrecy of your key. mo
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
