mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-23 08:02:05 +01:00
ch10: outline
parent
8390a4b23c
commit
3f5e1c170a
1 changed files with 30 additions and 8 deletions
|
@ -1,11 +1,33 @@
|
||||||
(encryption_chapter)=
|
(encryption_chapter)=
|
||||||
# Encryption
|
# Encryption
|
||||||
|
|
||||||
```
|
[Encryption](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#section-2.1) is one of the core facilities of OpenPGP. It provides confidentiality.
|
||||||
- High Level overview of the message encryption process
|
|
||||||
- SED vs. SEIPD (v1) vs. SEIPD w/ AEAD (v2)
|
## High-Level overview of the message encryption process
|
||||||
- Encrypt for multiple/single subkey per certificate?
|
|
||||||
- "Negotiating" algorithms based on recipients preference subpackets
|
Core concept:
|
||||||
- Prevent "downgrade" -> Policy
|
|
||||||
- Implications of how a recipient cert is "addressed" (fingerprint/key-ID vs. user-ID) (preferences, expiration, revocation)
|
- The plaintext is encrypted with a symmetric "session key."
|
||||||
```
|
- The "session key" itself is stored in encrypted form, possibly multiple times:
|
||||||
|
- The session key is encrypted to the encryption keys of each intended recipient of the message.
|
||||||
|
- Alternatively, or additionally, the session key may be encrypted using a passphrase (this mode of operation doesn't require any OpenPGP certificates.)
|
||||||
|
|
||||||
|
## Generations of encryption
|
||||||
|
|
||||||
|
### SEIPD w/ AEAD (v2)
|
||||||
|
|
||||||
|
### SEIPD (v1)
|
||||||
|
|
||||||
|
### SED
|
||||||
|
|
||||||
|
## Advanced topics
|
||||||
|
|
||||||
|
### Encrypt for multiple/single subkey per certificate?
|
||||||
|
|
||||||
|
### "Negotiating" algorithms based on recipients preference subpackets
|
||||||
|
|
||||||
|
#### Prevent "downgrade" -> Policy
|
||||||
|
|
||||||
|
### Implications of how a recipient cert is "addressed" (fingerprint/key-ID vs. user-ID) (preferences, expiration, revocation)
|
||||||
|
|
||||||
|
## Zooming in: Package structure and internals
|
||||||
|
|
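Review bot: In the last added heading, `## Zooming in: Package structure and internals`, "Package" reads like a slip for "Packet". The negotiation heading in this same hunk already speaks of "preference subpackets", so the terminology should match. Two smaller style points on the new headings: `### "Negotiating" algorithms based on recipients preference subpackets` needs the possessive apostrophe ("recipients'"), and `### Implications of how a recipient cert is "addressed" ...` carries two parentheticals in the title. Consider a shorter heading, with the fingerprint/key-ID vs. user-ID distinction and the preferences, expiration and revocation list moved into the section's opening sentence.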