current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Information Security Stack Exchange is a question and answer site for information security professionals. It's 100% free, no registration required.

Sign up
Here's how it works:
  1. Anybody can ask a question
  2. Anybody can answer
  3. The best answers are voted up and rise to the top
up vote 5 down vote favorite

This question already has an answer here:

Would it be easier to hack a private key by having multiple encrypted and/or signed messages from the same person than having only encrypted or only signed messages?

Should I use one private key to encrypt and another to sign?

share|improve this question

marked as duplicate by Begueradj, LamonteCristo, RoraΖ, Stephane, Iszi Sep 8 '15 at 14:22

This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
up vote 6 down vote accepted

It is not feasible to crack a private key when having multiple encrypted/signed messages. Note that:

  • According to the OpenPGP standard, when encrypting a message the public key is only used to encrypt a random session symmetric key, which is then used to encrypt the message itself.

  • Generating a new key pair each time would involve redistributing your public key, which is actually the weak point in Public Key Infrastructures.

  • If your PGP key pair is DSA/ElGamal instead of RSA you already use a different key for signing (DSA) and for encrypting (ElGamal).

share|improve this answer
up vote 5 down vote

A few time ago I wrote an answer describing the Ebics protocol, a protocol allowing to use the same or different certificates for each purpose.

This answer shows some situations where having different certificates is required, however if you do not have such specific need (for example the signature and the encryption could be processed by different persons, or you may need several signatures for the same encrypted file, etc.), then there is no need to use different keys and you can safely use only one.

share|improve this answer
up vote 4 down vote

With strong, modern crypto, there should not be any problems with using the same private key for both operations. In fact, the additional hassle of using multiple keys is (slightly) more likely to become a security concern (because of accidental misuse) than the crypto angle.

share|improve this answer
    
In some cases you can create or modify keys to only be allowed for encryption or signing, thus preventing accidental misuse. – kasoban Sep 8 '15 at 14:20

Not the answer you're looking for? Browse other questions tagged or ask your own question.