At 9:53 AM +0100 2003/11/28, Dietmar Maurer wrote:

Sorry, I dont underdstand that suggestion. You want to put several encrypted messages into one mail?

No.

                               (I dont know much about public key

systems). That would increase the size of the message? Or is it possible to encrypt a message once so that several people can decrypt it?

Your latter question gets to the point.  You encrypt the message 

once with the session symmetric key, and then you encrypt the session symmetric key once for each recipient public key. Each recipient uses their private key to decrypt the session symmetric key, which is then used to decrypt the message.

Fortunately, PGP makes all this transparent to the recipients. 

The resulting message is somewhat larger, because you've encrypted the session symmetric key for each recipient public key, but this is usually a relatively small expansion and since PGP has built-in compression, this is not usually too much of a loss.

If you had a large number of recipients, this might become more 

of an issue. In that case, you might want to do this function in smaller batches.

The only disadvantage with this approach is that you can see what 

keyids that a message is encrypted for, and this allows someone to do traffic analysis (see who is talking to whom). If this was an issue of concern, then this is something that should be configurable on a per-list basis.

-- Brad Knowles, <brad.knowles@skynet.be>

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)