mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-22 07:32:05 +01:00
Lean on glossary entries
parent
dc59d3a1d5
commit
c965650099
1 changed files with 4 additions and 7 deletions
|
@ -15,17 +15,14 @@ For an in-depth, packet-level view of encrypted data in OpenPGP, see [](/zoom/en
|
||||||
Encryption in OpenPGP is performed in two distinct steps:
|
Encryption in OpenPGP is performed in two distinct steps:
|
||||||
|
|
||||||
1. **Session key transmission**: For each recipient of the message, a packet that contains a protected copy of the session key is generated.
|
1. **Session key transmission**: For each recipient of the message, a packet that contains a protected copy of the session key is generated.
|
||||||
2. **Symmetric encryption**: The actual message is encrypted based on the [*session key*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-confidentiality-via-encrypt). The (potentially large) ciphertext only needs to be stored once, even if it is sent to multiple recipients. All recipients get access to the same shared *session key* to decrypt the message.
|
2. **Symmetric encryption**: The actual plaintext message is encrypted based on the [*session key*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-confidentiality-via-encrypt). The resulting (potentially large) ciphertext only needs to be stored once, even if it is sent to multiple recipients who use different OpenPGP keys. All recipients get access to the same shared *session key* to decrypt the message.
|
||||||
|
|
||||||
```{note}
|
```{note}
|
||||||
Above, "plaintext" means one of:
|
Above, "plaintext" means one of:
|
||||||
- *Literal Data* packet,
|
|
||||||
- *Compressed Data* packet or a
|
|
||||||
- *signed message*.
|
|
||||||
|
|
||||||
A *signed message*, in turn, is a packet sequence that either
|
- *{term}`Literal message<Literal data packet>`*,
|
||||||
- resembles an *inline-signed message* (a *Literal Data* packet sandwhiched between one or more *One-Pass-Signature* and their respective *Signature* packets), or a
|
- *{term}`Compressed message<Compressed data packet>`*, or
|
||||||
- *prefixed-signed* message (one or more *Signature* packets followed by a single *Literal Data* packet).
|
- *{term}`Signed message<Inline Signature>`*.
|
||||||
```
|
```
|
||||||
|
|
||||||
## Session key transmission
|
## Session key transmission
|
||||||
|
|
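Review bot: the third bullet of the note, {term}`Signed message<Inline Signature>`, links only to the Inline Signature glossary entry, while the lines it replaces defined a signed message as either an inline-signed message or a prefixed-signed message (one or more Signature packets followed by a single Literal Data packet). Unless the Inline Signature entry also describes the prefixed form, that second case is no longer documented at this point; consider targeting a glossary entry that covers signed messages as a whole, or keeping one sentence that names the prefixed-signed form. A smaller point on the first two bullets: the link texts "Literal message" and "Compressed message" differ from the glossary terms they resolve to ("Literal data packet", "Compressed data packet"), so the note now speaks of messages where the removed lines spoke of packets. Using the term name as the link text, or adding glossary entries with the message names, would keep the wording consistent for a reader who follows the link.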