Menu
▾
▴
Re: design question - is conventional (symmetric key) encryption discouraged?
|
From: Fredrik N. <fc...@no...> - 2005-07-05 20:01:43
|
Ken Manheimer <ken...@gm...> writes: > In fact, for personal, day-to-day uses like journal entries and > such, i see symmetric encryption ... as being the default mode - > key-pair being somewhat heavyweight, ideally having a difficult > passphrase and choice restricted to only established keys. Symmetric encryption may be best for this sort of thing: it's not that public key is "better," but serves a different purpose. It depends upon whether you expect to have the same person encrypting and decrypting the data, or you expect others to decrypt what one has encrypted. For the first you just need a passphrase, for the second you need key distribution. From the sound of your application, symmetric would probably be the way to go, I'd think. > - whether i've missed something, and i can do symmetric-key > pgp/gpg encryption with mailcrypt without major contortions Alas, I've not gotten around to analyzing mailcrypt myself, so can't answer this. > - if not, whether it's so hard on purpose, and if so, why. I wouldn't think it's made hard on purpose, just it didn't fit the original intent (sending and receiving email) too well. > - If it is hard, but not on purpose, would any of you be willing to work > with me to make it easier to do symmetric-key encryption? (the > machinery would be pretty trivial, but keeping consistent with > existing mailcrypt stuff would take more attention.) I've no time for such a project right now, sorry! /Fredrik +----------------------------------------------------------------+ | Symeon | Fredrik Noon, Senior Software Engineer | | fc...@no... | Hifn, Inc. www.hifn.com | | www.noon.org | fn...@hi... +1 408 399 3630 | |-------------------+--------------------------------------------| | pgp key: <http://noon.org/keys/pgpkey.txt> 7840AC55 | +----------------------------------------------------------------+ =2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ken Manheimer <ken...@gm...> writes: > In fact, for personal, day-to-day uses like journal entries and > such, i see symmetric encryption ... as being the default mode - > key-pair being somewhat heavyweight, ideally having a difficult > passphrase and choice restricted to only established keys. Symmetric encryption may be best for this sort of thing: it's not that public key is "better," but serves a different purpose. It depends upon whether you expect to have the same person encrypting and decrypting the data, or you expect others to decrypt what one has encrypted. For the first you just need a passphrase, for the second you need key distribution. From the sound of your application, symmetric would probably be the way to go, I'd think. > - whether i've missed something, and i can do symmetric-key > pgp/gpg encryption with mailcrypt without major contortions Alas, I've not gotten around to analyzing mailcrypt myself, so can't answer this. > - if not, whether it's so hard on purpose, and if so, why. I wouldn't think it's made hard on purpose, just it didn't fit the original intent (sending and receiving email) too well. > - If it is hard, but not on purpose, would any of you be willing to work > with me to make it easier to do symmetric-key encryption? (the > machinery would be pretty trivial, but keeping consistent with > existing mailcrypt stuff would take more attention.) I've no time for such a project right now, sorry! /Fredrik +----------------------------------------------------------------+ | Symeon | Fredrik Noon, Senior Software Engineer | | fc...@no... | Hifn, Inc. www.hifn.com | | www.noon.org | fn...@hi... +1 408 399 3630 | |-------------------+--------------------------------------------| | pgp key: <http://noon.org/keys/pgpkey.txt> 7840AC55 | +----------------------------------------------------------------+ =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Cygwin) iD8DBQFCyuchAi4MWHhArFURAh3NAKC5urvcAPdsAQXUcJyMhRdRDqzHCACgpMyQ M/357gQYMtDVsEWSJt7D1eg=3D =3DqVM7 =2D----END PGP SIGNATURE----- |
