Stefan Claas <s...@300baud.de>:

> I was reading old GnuPG threads where people were asking if it's possible to extract a signature from an encrypted message.
>
> I would like to ask, I don't know if this is already possible or if it's planned, if Alice would request from Bob that he always signs his messages and Bob, lazy as he is, often forgets this, can Alice check if Bob's encrypted message(s) have signed byte(s) set, without actually decrypting or revealing Bob's identity?

As far as I know this is impossible, because messages are first signed and then encrypted, i.e. the signature is encrypted, too. Therefore there is no access to the signature unless the message is decrypted.

> If the encrypted messages would not be signed then Alice can simply discard the message(s).

Yes, but why should she want to be able to do that? She could decrypt the message and, if it turns out that the message is not signed, discard the message.

> And is this optional in GnuPG, in case it is already implemented?


As far as I know the order “first sign, then encrypt” is mandatory, so there is no way for GnuPG to deviate from it. 

And this is a good thing, as it thwarts Eve eavesdropping on the originator's identity (i. e. Bob) of a message sent to Alice. 

Helmut


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
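
The point made in the reply above can be checked at the packet level. The following Python sketch is an added example, not part of the original thread and not GnuPG code: it walks the top-level OpenPGP packet headers (RFC 4880, section 4.2) of a binary, non-armored message and reports whether a Signature (tag 2) or One-Pass Signature (tag 4) packet is visible without decryption. The function names and both byte strings are constructed for illustration; the packet bodies are dummy zero bytes.

```python
import struct

SIGNATURE_TAGS = {2, 4}   # 2 = Signature, 4 = One-Pass Signature

def _new_length(data, pos):
    """Return (length, next_pos, is_partial) for a new-format length field."""
    first = data[pos]
    if first < 192:                                   # one-octet length
        return first, pos + 1, False
    if first < 224:                                   # two-octet length
        return ((first - 192) << 8) + data[pos + 1] + 192, pos + 2, False
    if first == 255:                                  # five-octet length
        return struct.unpack(">I", data[pos + 1:pos + 5])[0], pos + 5, False
    return 1 << (first & 0x1F), pos + 1, True         # partial body chunk

def outer_tags(data):
    """List the packet tags visible at the top level of a binary OpenPGP message."""
    tags, pos = [], 0
    while pos < len(data):
        hdr = data[pos]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header at offset %d" % pos)
        pos += 1
        if hdr & 0x40:                                # new-format header
            tags.append(hdr & 0x3F)
            partial = True
            while partial:                            # skip all partial chunks
                length, pos, partial = _new_length(data, pos)
                pos += length
        else:                                         # old-format header
            tags.append((hdr >> 2) & 0x0F)
            ltype = hdr & 0x03
            if ltype == 3:                            # indeterminate: runs to the end
                break
            size = (1, 2, 4)[ltype]
            pos += size + int.from_bytes(data[pos:pos + size], "big")
    return tags

def signature_visible(data):
    """True if a signature packet can be seen without decrypting anything."""
    return any(tag in SIGNATURE_TAGS for tag in outer_tags(data))

# Constructed sample: encrypted message = PKESK (tag 1) + encrypted data (tag 18).
ENCRYPTED = bytes([0x84, 0x0C]) + bytes(12) + bytes([0xD2, 0x10]) + bytes(16)
# Constructed sample: signed, unencrypted message = tag 4 + literal data (11) + tag 2.
SIGNED_ONLY = (bytes([0xC4, 0x0D]) + bytes(13) + bytes([0xCB, 0x06]) + bytes(6)
               + bytes([0xC2, 0x08]) + bytes(8))

if __name__ == "__main__":
    print(outer_tags(ENCRYPTED), signature_visible(ENCRYPTED))
    print(outer_tags(SIGNED_ONLY), signature_visible(SIGNED_ONLY))
```

For the encrypted sample only tags 1 and 18 appear at the top level, whether or not the plaintext inside was signed, so the outer packet structure gives Alice nothing to filter on.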
