On 1/3/2019 at 10:14 PM, "MFPA" wrote:> [3] only for the overly
paranoid who revel in tedious
> work-arounds 8^) :
> (a) Encrypt to both yourself and the recipient
> (b) Remove your own id packet from the ciphertext,
> (c) Re-calculate the crc of the ciphertext
> (d) Send the 'hacked' ciphertext along to the
> original recipient
> (e) Store the first ciphertext from (a) along with
> the one from (d), in your sent folder
> (f) now you will always be able to decrypt and
> retrieve the original plaintext
Would the ciphertext at (d) be much different than encrypting to the
recipient and hidden-encrypt-to your own key?
=====
Yes.
The ciphertext in (d) would have no indication that it was being
encrypted to anyone else.
Using 'hidden-encrypt' to your own key, would show that it was
encrypted to another key, but undetectable to whom.
As a concrete difference, if you used the command: gpg
--try-all-secrets
on the file encrypted to the recipient and hidden-encrypt-to your own
key,
it would decrypt to your own key.
Even from the ciphertext, it is detectable because it is 'longer'
(i.e., has another key-packet).
Try encrypting to only one recipient, and the encrypting the same
plaintext to the same recipient, while also using hidden-encrypt to,
and look at the difference in length.
vedaal
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users