3

So I know that PGP encrypted email can be vulnerable to a known-plaintext attack from a known, consistant email footer or greeting (“Hello”, “Yours truly, xxx”, etc), but does the same thing apply to PGP signatures on an email?

If I always PGP sign my emails, and all my emails end with “From, [name]”, can any of my secret PGP information be exposed?

ggliv
  • 31
  • 1
  • 1
    For a signature, the plain text is known by design. If having the plaintext m and the signature of m with the private key p would allow one to deduce p, then that signature scheme would be completely broken by design. –  Oct 11 '19 at 06:56

1 Answers1

3

Short answer: no.

Longer answer: If your PGP encryption is vulnerable to known-plaintext attacks, then that means PGP is using an old broken cipher. Modern, non-broken crypto (with updated software) will not have vulnerabilities like this. You can encrypt or sign whatever you want and no secret key information will be revealed.

Mike Ounsworth
  • 59,005
  • 21
  • 158
  • 212