Imagine the following 2 scenarios: a) salted single key setup: the encrypted image is stolen. the attacker knows the salt, but not the used password. b) pgp multikey setup: encrypted image + pgp encrypted multikey file is stolen and the attacker doesnt know the pgp password. In which case it is easier to recover the data? a) has some known security weaknesses (watermark), but maybe its easier in b) to do brute force cracking? I think pgp must store some kind of checksum of the encrypted data, because it recognizes if one enters a wrong password. I assume it could be exploited to speed up cracking? Your comments are appreciated. Regards, Andreas -- NEU: WLAN-Router für 0,- EUR* - auch für DSL-Wechsler! GMX DSL = supergünstig & kabellos http://www.gmx.net/de/go/dsl - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
