A coming attack on PGP, and a way to mitigate it
Daniel Franke
df at dfranke.us
Mon May 4 07:11:07 CEST 2009
I <df at dfranke.us> wrote:
> It's a pity, really. We're foiled by what's almost certainly nothing
> more than a thoughtless accident in the design of the protocol. Perhaps
> this remains something to consider for the next protocol revision. I
> can't think of any fundamental reason that PGP must necessarily be
> exploitable by birthday attacks of any sort, although I'm talking
> somewhat out of my depth in making this assertion.
Whoa, heh. I just glanced at the authorship of RFC4880 and realized
whom I'm addressing :-).
--
Daniel Franke df at dfranke.us http://www.dfranke.us
|----| =|\ \\\\
|| * | -|-\--------- Man is free at the instant he wants to be.
-----| =| \ /// --Voltaire
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: </pipermail/attachments/20090503/bde6b100/attachment-0001.pgp>
More information about the Gnupg-devel
mailing list