17 Sep
2006
17 Sep
'06
6:06 p.m.
Hi
SMTP/TLS does not encrypt individual messages - as it's name implies, it works on the *transport* layer. And there, the public key exchange is used to agree on a symmetric session key.
PGP works the same way. The data is encrypted using a random symmetric key, then this symmetric key is encrypted asymmetrically for each recipient. That's why it's possible to send the same message to multiple recipients, without having to encrypt the same data multiple times. Symmetric encryption is also significantly faster.
Therefore, everything that applies to SSL/TLS should also apply to PGP - at least from my understanding.
Daniel