Hi Bernhard,

I eventually changed my mind as I haven't found out how to extract the source document from a signed one.

So I decided to proceed with detached signatures applied, as you suggest, on the source documents and not on the encrypted ones.

Regarding asymmetric versus symmetric cryptography, I stick with the latter, which allows me to encrypt a document only once with a single key, a "document-key", and either transfer the asymmetrically encrypted document-key to recipients whose public keys I know, or its value symmetrically encrypted with a permanent password specific to each of the other recipients with whom I share passwords. I don't know yet how to share and manage these passwords.

I finally download on the public server an archive containing the document-key symmetrically-encrypted document, the clear document signature and the bunch of asymmetrically or symmetrically encrypted document-keys, and send messages, "release notifications", to inform the recipients that a new document has been released on the server.

I'm still wondering how each of them will know the specific file they have to decrypt to get the document-key. That is, I haven't yet figured out whether or not to keep the list of recipients secret. I can obviously consider providing the information in the release-notification e-mail, but I don't know if e-mail clients can handle symmetrically encrypted messages.

Thanks again for your help.

On 15/09/2016 at 09:11, Bernhard Reiter wrote:
> Hi Arbiel,
>
> On Wednesday 14 September 2016 17:28:59, Arbiel (gmx) wrote:
>> Asymmetric encryption requires the recipients to use my public key to
>> get access to the documents, whereas symmetric encryption only requires
>> them to key in the encryption key.
>
> for decryption, only the private key of the recipient is needed.
> Typing in that passphrase is as difficult (or easy) as typing in the
> symmetric key. Of course asymmetric crypto would need them to create a
> key-pair first. But symmetric encryption has the problem of you needing
> to transfer the keys each time.
>
>> Obviously the recipients who are not
>> confident enough with using asymmetric encryption won't be able to
>> verify the authenticity of the documents, but this is a lesser drawback.
>>
>> However, if I can't sign and encrypt in a single step, I'll sign and
>> then symmetrically encrypt the signed document, or the other way around.
>
> Usually you sign first and then encrypt. This way the signature stays
> verifiable even after decryption.
>
>> I forgot to write that I want the process (sign and encrypt) to proceed
>> without any keyboard-typing.
>
> A passphrase is not needed for asymmetric encryption.
> It is only needed to unlock your private key for signing.
> If you want to build an automated system, one way is to just have a private
> key without passphrase (and secure the system). There are other ways of
> course.
>
>> My previous message seems to have been an HTML message. I unchecked the
>> control and hope this answer is a clear text message
>
> Yes, it is. :)
>
>
> Best Regards,
> Bernhard
>
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupgemail@example.com
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
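One possible way to handle the open question in the message above (how a password recipient finds their own encrypted document-key without the archive naming the recipients), as an added example that is not part of the original thread. The function names, the `keys/` layout, the release id and the PBKDF2 parameters are assumptions, and the blobs are constructed placeholders standing in for each recipient's symmetrically encrypted document-key.

```python
import hashlib
import hmac

PBKDF2_ROUNDS = 200_000  # assumed work factor; tune to your hardware


def slot_name(password: str, release_id: str) -> str:
    """Archive member name that only a holder of `password` can recompute."""
    # Salting with the release id changes the name on every release, so an
    # observer cannot link one recipient's slot across successive archives.
    key = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), release_id.encode(), PBKDF2_ROUNDS
    )
    tag = hmac.new(key, b"document-key-slot", hashlib.sha256).hexdigest()
    return f"keys/{tag[:32]}.gpg"


def build_key_index(release_id: str, wrapped: dict) -> dict:
    """Sender side: map opaque slot names to wrapped document-keys.

    `wrapped` maps each recipient's shared password to the document-key
    blob already encrypted for that recipient.
    """
    index = {slot_name(pw, release_id): blob for pw, blob in wrapped.items()}
    if len(index) != len(wrapped):
        raise ValueError("slot name collision; pick a new release id")
    # Sorted so member order says nothing about who was added when.
    # The number of recipients is still visible from the member count.
    return dict(sorted(index.items()))


def find_my_key(password: str, release_id: str, index: dict):
    """Recipient side: return this recipient's wrapped key, or None."""
    return index.get(slot_name(password, release_id))


# Constructed sample data (hypothetical passwords and placeholder blobs).
SAMPLE_RELEASE = "release-2016-09-15"
SAMPLE_WRAPPED = {
    "correct horse battery": b"<wrapped document-key for recipient A>",
    "seven purple lanterns": b"<wrapped document-key for recipient B>",
}
SAMPLE_INDEX = build_key_index(SAMPLE_RELEASE, SAMPLE_WRAPPED)

if __name__ == "__main__":
    for member in SAMPLE_INDEX:
        print(member)
```

The release-notification e-mail then only needs to carry the release id in clear text; it does not have to name any recipient or file.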