When using PGP type public encrypted communication, would it be a good idea to g

Question

When using PGP type public encrypted communication, would it be a good idea to generate a new public for each message and attach that in the new public key in the reply to back to sender mail body? Idea is you start the communication with the known public key from a key server, but for each new message/chat message you generate a new public/private key for that particular end-user. That way if someone cracks your initial public/private key they may not read all the messages? Would that be a good or bad idea? Ie the person who want to read your mail conversation must crack all PGP keys in the conversation sequence to read all the messages.

Explanation / Answer

In the case of emails your solution is not really practical. The problem is that the sender of an email uses the public key whereas the receiver should have the secret key. This means that whenever somebody wants to send you an email (and therefore generate a new key) you have to be online or you have to provide a set of pre-computed key pairs. If multiple people are sending you emails at the same time. Who is taking which key? Making the key management more complicated doesn't necessarily give you more security.

In the case of communications, like chats, the property you are asking for is called (perfect) forward secrecy. This property, roughly speaking, states that an adversary, who at some point obtains your secret key(s), should not be able to decrypt past conversations

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.