[Q] : verify an encrypted signed file.

Werner Koch wk@gnupg.org
Mon Aug 20 21:46:02 2001

On Mon, 20 Aug 2001 12:07:27 -0400, Justin R Miller said:

> sign it? I mean, I do this, but I don't understand it. I would think
> that the encryption would both assure authenticity and intactness.
Like all other encryption protocols OpenPGP has a flaw here: Without signing the data, it is possible to _modify_ the message. The recipient will notice some strange characters in the outbut but most users are naively assuming that this is due to noise on the wire. There is even an *theoretical* attack involving some social engineering which allows to decrypt the message. The next revision of OpenPGP has a countermeasure against that. This new mode is already used by GnuPG and PGP 7 if you are using AES/RIJNDAEL or Twofish (i.e the recipient hast this algorithm in his preferences). Werner -- Werner Koch Omnis enim res, quae dando non deficit, dum habetur g10 Code GmbH et non datur, nondum habetur, quomodo habenda est. Privacy Solutions -- Augustinus