"decryption forced to fail" due to missing signature?
wk at gnupg.org
Tue Jan 23 15:17:31 CET 2018
On Tue, 23 Jan 2018 11:45, Alexander.Strobel at giepa.de said:
> gpg: WARNING: message was not integrity protected
> Is this behavior intended?
Yes. The MDC feature has been deployed 17 years ago and we can expect
that all implementation use this. Not using MDC (i.e. authenticated
encryption) is not a good idea due to real world attacks which may
reveal the plaintext.
It seems that some Bouncy Castle based implementations do not create MDC
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 227 bytes
Desc: not available
More information about the Gnupg-devel