newbie problems

David Shaw
Sun Dec 8 06:44:02 2002

On Sat, Dec 07, 2002 at 05:08:52PM -1000, Max Brandt wrote:

> >>I see that GPGshell gives me the option, in GnuPG preferences, to
> >>remove this warning (no-mdc-warning). As there appears to be no
> >>option in PGP8 relating to modification detection code, I
> >>assume that PGP (at least in the freeware version) encrypts
> >>without mdc, which would make all messages vulnerable to message
> >>modification attacks. Am I correct?
> >PGP always encrypts without MDC, though it can understand
> >MDC-protected messages generated elsewhere.
> >David
> That seems a good reason not to use PGP 8

Well.. no, not really.  The chosen ciphertext attack that MDC foils is
a really difficult attack to implement, and it involves the
(presumably unwitting) assistance of the message recipient (i.e. you).
In general, signing the message gives you similar protection.

MDCs as used in OpenPGP have some controversy around them.  Some
people are calling for their removal from the standard, and
replacement with a different design.


   David Shaw
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson
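
A check a recipient can run to see whether a given message was encrypted with or without an MDC, added here as an example and not part of the original message: it walks the packet headers of a binary (de-armored) OpenPGP message and reports whether the encrypted data is a tag 9 packet (no MDC) or a tag 18 packet (MDC-protected), using the RFC 4880 packet numbering. The function names and the sample bytes are constructed for illustration.

```python
# Packet tags per RFC 4880: 9 = Symmetrically Encrypted Data (no MDC),
# 18 = Symmetrically Encrypted Integrity Protected Data (carries an MDC).
SED, SEIPD = 9, 18

def read_packets(data):
    """Yield (tag, body) for each packet in a binary (de-armored) message."""
    i = 0
    while i < len(data):
        hdr = data[i]; i += 1
        if not hdr & 0x80:
            raise ValueError("bit 7 clear: not an OpenPGP packet header")
        body = b""
        if hdr & 0x40:                      # new-format header
            tag, last = hdr & 0x3F, False
            while not last:                 # partial lengths repeat until a final one
                o = data[i]; i += 1
                last = o < 224 or o == 255
                if o < 192:
                    n = o
                elif o < 224:
                    n = ((o - 192) << 8) + data[i] + 192; i += 1
                elif o == 255:
                    n = int.from_bytes(data[i:i + 4], "big"); i += 4
                else:
                    n = 1 << (o & 0x1F)     # partial body chunk
                body += data[i:i + n]; i += n
        else:                               # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 3
            if ltype == 3:                  # indeterminate: runs to end of input
                n = len(data) - i
            else:
                width = 1 << ltype          # 1, 2 or 4 length octets
                n = int.from_bytes(data[i:i + width], "big"); i += width
            body = data[i:i + n]; i += n
        if i > len(data):
            raise ValueError("truncated packet")
        yield tag, body

def mdc_status(data):
    for tag, _ in read_packets(data):       # first encrypted-data packet decides
        if tag == SEIPD:
            return "MDC-protected"
        if tag == SED:
            return "no MDC"
    return "no encrypted data packet"

# Constructed samples: a 3-byte stand-in session-key packet (tag 1), then data.
WITHOUT_MDC = bytes([0x84, 3, 0, 0, 0, 0xA4, 4]) + b"\xAA" * 4
WITH_MDC = bytes([0xC1, 3, 0, 0, 0, 0xD2, 0xE9]) + b"\x01" * 512 + bytes([1, 0xCC])
```

ASCII-armored messages have to be converted to binary first, for example with `gpg --dearmor`.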