vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 16:12:05 +01:00
Code Issues Projects Releases Packages Wiki Activity
openpgp-notes/book/source/10-encryption.md
Heiko Schaefer 3f5e1c170a
ch10: outline
2023-09-25 16:43:36 +02:00

1.1 KiB
Raw Blame History

(encryption_chapter)=

Encryption

Encryption is one of the core facilities of OpenPGP. It provides confidentiality.

High-Level overview of the message encryption process

Core concept:

  • The plaintext is encrypted with a symmetric "session key."
  • The "session key" itself is stored in encrypted form, possibly multiple times:
    • The session key is encrypted to the encryption keys of each intended recipient of the message.
    • Alternatively, or additionally, the session key may be encrypted using a passphrase (this mode of operation doesn't require any OpenPGP certificates.)

Generations of encryption

SEIPD w/ AEAD (v2)

SEIPD (v1)

SED

Advanced topics

Encrypt for multiple/single subkey per certificate?

"Negotiating" algorithms based on recipients preference subpackets

Prevent "downgrade" -> Policy

Implications of how a recipient cert is "addressed" (fingerprint/key-ID vs. user-ID) (preferences, expiration, revocation)

Zooming in: Package structure and internals