On Sat, 24 Apr 2021 15:19:07 -0700, "C.J. Collier" <c...@colliertech.org> wrote: > you could maybe ask a pause admin to decrypt and > re-encrypt to a key that you own, sending you back the encrypted file.
Two ideas from a gpg-internal *UN*aware point of view: - I assume gpg file encryption works by generating a random symmetric cipher key, encrypting the file with this symmetric cipher, and only encrypting the symmetric cipher's key with the asymmetric cipher public key. If so, then the encrypted symmetric key could in theory (...again, I do not know enough of gnupg internals) be extracted and be the only thing sent for decryption and sent back deciphered. Of course, it means that if the file was leaked encrypted, then this deciphered key intercepted, then the file is completely leaked. - Is the asymmetric algorithm transitive ? If it is, then again starting from an extracted encrypted key, it could be encrypted again with the good public key, then sent for decryption. The key received back would still be encrypted by the good public key. It can then finally be deciphered, allowing the symmetric cipher to decipher the data. This would solve the plain-text vulnerability of the previous point. I believe (again, not an expert) decryption and signature use different parameters in gpg, so from the pause admin point of view they should not be worried about inadvertently signing a hash, but actually deciphering a symmetric key (which can otherwise be a concern). -- Vincent Pelletier GPG fingerprint 983A E8B7 3B91 1598 7A92 3845 CAC9 3691 4257 B0C1 _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users