Mailing List Archive: GnuPG: users

How to validate encryption

Index | Next | Previous | View Threaded

Amarjeet.Yadav at gs

Aug 11, 2011, 6:47 AM

Post #1 of 4 (188 views)
Permalink

How to validate encryption

Hi ,
We have requirement where we would like to check for encrypted file its valid or not before decrypting it.
Thanks

wk at gnupg

Aug 12, 2011, 3:49 AM

Post #2 of 4 (187 views)
Permalink

Re: How to validate encryption [In reply to]

On Thu, 11 Aug 2011 15:47, Amarjeet.Yadav [at] gs said:

> We have requirement where we would like to check for encrypted file
> its valid or not before decrypting it.

You mean whether it has been tampered with? You can't do that without
decrypting it. GPG checks that the decrypted file is valid - usually
by checking the signature but if it is not signed gpg checks the MDC
(modification check code - a kind of checksum).

Of course you could use a detached signature (or a hash digest of the
file convoyed via a second channel) to detect modification before
processing the file. However the entire file needs to be processed in
any case. Thus if modifications are rare it would take longer to check
the file first and then do the encryption which does yet another check.

Salam-Shalom,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

mailinglisten at hauke-laging

Aug 12, 2011, 4:45 AM

Post #3 of 4 (184 views)
Permalink

Re: How to validate encryption [In reply to]

Am Donnerstag, 11. August 2011, 15:47:40 schrieb Yadav, Amarjeet:
> Hi ,
> We have requirement where we would like to check for encrypted file its
> valid or not before decrypting it. Thanks

Why? In order to prevent the usability of GnuPG exploits?

If you trust the sender (and his systems) then the simple answer is: Have the
sender sign the encrypted file. I hope that would not result in "we would like
to check its validity before we check the signature"...

Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

Attachments:

signature.asc (0.54 KB)

Amarjeet.Yadav at gs

Aug 12, 2011, 5:18 AM

Post #4 of 4 (186 views)
Permalink

RE: How to validate encryption [In reply to]

Thanks.

-----Original Message-----
From: Hauke Laging [mailto:mailinglisten [at] hauke-laging]
Sent: Friday, August 12, 2011 5:16 PM
To: gnupg-users [at] gnupg
Cc: Yadav, Amarjeet [Tech]
Subject: Re: How to validate encryption

Am Donnerstag, 11. August 2011, 15:47:40 schrieb Yadav, Amarjeet:
> Hi ,
> We have requirement where we would like to check for encrypted file
> its valid or not before decrypting it. Thanks

Why? In order to prevent the usability of GnuPG exploits?

If you trust the sender (and his systems) then the simple answer is: Have the sender sign the encrypted file. I hope that would not result in "we would like to check its validity before we check the signature"...

Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads