Il 09/06/2017 08:24, Werner Koch ha scritto:
> ( gpg --status-fd 1 --show-session-key --max-output 1 \
> -o /dev/null 2>/dev/null FILE || true ) \
>| awk '$1=="[GNUPG:]" && $2=="SESSION_KEY" {print $3}'
> The output can then be used with --override-session-key
Tks! That's exactly what
On Tue, 6 Jun 2017 14:39, ndk.cla...@gmail.com said:
> Is it possible to "extract" the used session key, so that the requester
> just ignores the asymmetric crypto and just uses the symmetric key to
> decode the file? Drawbacks? Other ideas?
Here is how I would do that:
( gpg --status-fd 1
Il 06/06/2017 22:40, Konstantin Gribov ha scritto:
> In first scheme DEK is never stored in plain text. It used while
> encrypting archive and encrypted with gpg (or any other cryptographic
> means) and plain text version is removed right after that.
There's a big misunderstanding here: the
On Tue, Jun 6, 2017 at 11:03 PM NdK wrote:
> Il 06/06/2017 20:13, Konstantin Gribov ha scritto:
>
> > I can think of more simpler approach:
> > - generate secure random for symmetrical data encryption key (DEK);
> > - encrypt that key for authorized users on their public
Il 06/06/2017 20:13, Konstantin Gribov ha scritto:
> I can think of more simpler approach:
> - generate secure random for symmetrical data encryption key (DEK);
> - encrypt that key for authorized users on their public keys;
> - encrypt data itself with something like ChaCha20 or AES in
Diego,
I can think of more simpler approach:
- generate secure random for symmetrical data encryption key (DEK);
- encrypt that key for authorized users on their public keys;
- encrypt data itself with something like ChaCha20 or AES in appropriate
mode.
In such case you could give end user an