[Cryptography] Does PGP use sign-then-encrypt or encrypt-then-sign?

Gerardus Hendricks konfkukor at riseup.net
Tue Jan 21 22:07:27 EST 2014

Previous message: [Cryptography] Does PGP use sign-then-encrypt or encrypt-then-sign?
Next message: [Cryptography] Does PGP use sign-then-encrypt or encrypt-then-sign?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/21/14 11:47 PM, Jerry Leichter wrote:
 > Verifying a signature is a fairly expensive operation, and one
 > wonders if it, too, is subject to some kind of attack.

Well yes, but while decryption requires a private key mingling with the 
ciphertext, verifying a signature can be done in the isolation of secrets.

Previous message: [Cryptography] Does PGP use sign-then-encrypt or encrypt-then-sign?
Next message: [Cryptography] Does PGP use sign-then-encrypt or encrypt-then-sign?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the cryptography mailing list