signing & encrypting
Ryan Malayter
rmalayter@bai.org
Thu May 16 20:09:02 2002
The best security comes from using sign/encrypt/sign. See:
http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html
-----Original Message-----
From: David Shaw [mailto:dshaw@jabberwocky.com]
Sent: Thursday, May 16, 2002 7:37 AM
To: gnupg-users@gnupg.org
Subject: Re: signing & encrypting
On Thu, May 16, 2002 at 12:01:18PM +0000, Aurelio Turco wrote:
> In the FAQ (http://www.gnupg.org/faq.html) it says:
>
> There is a small security glitch in the OpenPGP (and therefore GnuPG)
> system; to avoid this you should always sign and encrypt a message
> instead of only encrypting it.
>
> Can someone provide a one or two sentence explanation as to what this
> glitch might be?
Maybe not in one or two sentences ;)
In an encrypted, but not signed message, it is theoretically possible
to modify the message by inserting more encrypted bytes into the
middle. Sort of like transforming "Hi Fred, I hope you are well" into
"Hi Fred, you rotten bastard, I hope you are doing badly and soon fall
down a well".
Signing prevents this problem, as the signature would not be valid on
a modified message. However, GnuPG also supports the MDC
(modification detection code) feature of OpenPGP which includes a
mini-signature inside the encrypted data which can also prevent this
without signing.
> If one is to both sign and encrypt a message, would I be correct in
> saying that one should encrypt before signing?
Other way around - when you encrypt and sign, you are doing
encrypt(sign(data)).
> Does the order in which --sign and --encrypt are specified on the gpg
> command line make a difference to the order in which the corresponding
> operations are done?
No.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
We don't believe this to be a coincidence." - Jeremy S. Anderson
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
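Added example (not part of the original thread and not GnuPG code): a Python sketch of why an encrypted-only CFB message can be altered without the recipient noticing, and how a hash carried inside the encrypted data, in the style of the MDC mentioned above, catches the change. The HMAC-based block function, the simplified prefix/hash layout and all function names are assumptions made for this illustration; it is not the OpenPGP packet format.

```python
import hashlib, hmac, os

BLOCK = 16

def _e(key, block):
    # Stand-in for a block cipher's forward direction (assumption: CFB never
    # needs the inverse, so a keyed PRF is enough for this demonstration).
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def cfb(key, data, decrypt=False):
    # CFB with an all-zero IV: C_i = P_i xor E(C_{i-1}).
    out, prev = bytearray(), bytes(BLOCK)
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        res = bytes(a ^ b for a, b in zip(chunk, _e(key, prev)))
        out += res
        prev = chunk if decrypt else res
    return bytes(out)

def seal_mdc(key, msg):
    # Random prefix block, then a SHA-1 over prefix+message, all encrypted.
    body = os.urandom(BLOCK) + msg
    return cfb(key, body + hashlib.sha1(body).digest())

def open_mdc(key, ct):
    # Decrypt, then recompute the hash; any ciphertext change breaks the match.
    plain = cfb(key, ct, decrypt=True)
    body, digest = plain[:-20], plain[-20:]
    if not hmac.compare_digest(hashlib.sha1(body).digest(), digest):
        raise ValueError("modification detected")
    return body[BLOCK:]

def flip(ct, index):
    # Change one ciphertext byte, as an in-transit modification would.
    return ct[:index] + bytes([ct[index] ^ 0x01]) + ct[index + 1:]

if __name__ == "__main__":
    key = os.urandom(16)                      # constructed sample key
    msg = b"Hi Fred, I hope you are well"     # sample text from the message above
    ct = cfb(key, msg)
    print(cfb(key, flip(ct, len(ct) - 1), decrypt=True))  # decrypts, no error
    try:
        open_mdc(key, flip(seal_mdc(key, msg), BLOCK + 3))
    except ValueError as exc:
        print("rejected:", exc)
```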