[Cryptography] Does PGP use sign-then-encrypt or encrypt-then-sign?
James A. Donald
jamesd at echeque.com
Sat Jan 25 17:54:54 EST 2014
On 2014-01-26 03:05, Yuriy Kaminskiy wrote:
> Does not work with *more than two participants* (Alice, Bob and Charlie know
> shared secret and thus can generate and validate MAC; who was author of message,
> Alice or Charlie?).
If small number of participants sharing encrypted messages, they trust
each other. They are worried about messages being altered by outsiders.
If one of their shared messages leaks, the fact that outsiders cannot
tell which of them originated it is a feature, not a bug.
More information about the cryptography
mailing list