Solved

pgp encryption

Posted on 2006-10-26
3
424 Views
Last Modified: 2010-04-11
Hey all:

Hope you can help with this.  I have a client who just received two emails.  One email has in the body

the phrase is:whateverthephrasewas

and the other had  a file and in it the sender stated:

The file is encrypted in conventional encryption of PGP which would conform with standard HIPAA data encryption.

Basically, the sender sent a file that's encrypted, but we have not shared public keys.  My question is can you decrypt a file using PGP without someone's public key (I'm assuming that's what the conventional PGP means).

Any help on this would be greatly appreciated.

jocasio
0
Comment
Question by:Juan Ocasio
  • 2
3 Comments
 
LVL 1

Accepted Solution

by:
rllynch earned 250 total points
ID: 17819500
PGP conventional mode refers to password based encryption.  It doesn't need public/private keys.  If you run pgp on the encrypted file, it should prompt you for the password (from the first email), and decrypt the file for you.
0
 
LVL 1

Expert Comment

by:rllynch
ID: 17819557
As an aside, using PGP in this way isn't secure at all.  Anyone that could get their hands on both emails could decrypt the file.  It would be better for your client to generate a public + private key, send the public key to the sender of the file, and have the sender encrypt the file using your client's public key.  That way, any eavesdroppers would be unable to decrypt the file.  Or if they insist on using password based encryption, communicate the password using some other means besides email (phone, fax, snail mail, etc.).
0
 
LVL 14

Author Comment

by:Juan Ocasio
ID: 17819836
Thanks rllynch:

Yes.  I kinda figured it out.  I also think they are using GnuPGP.  Thanks for the post.

jocasio
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
Adoption of Microsoft’s Enterprise Mobility and Security solution and Office 365 will re-order the File Sync and Share market Microsoft has stated that its Enterprise Mobility + Security (EMS) is the fastest growing product in the history of the …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now