message was not integrity protected

David Shaw
Mon Oct 14 16:02:02 2002

On Thu, Oct 10, 2002 at 02:31:13PM +0200, Heiko Teichmeier wrote:
> Hi list,
> I use gpg 1.1.91-nr1 with GnuPP 1.1. If I get a encrypted mail from a user 
> with PGP 7.x. I can decrypt the message, but the I get the message 
> "Warning: messsage was not integrity protected".
> How dangerous is this problem to trust the mail? What way exist to get a 
> clean message - no failure?

GnuPG supports integrity protected messages which adds a hash (sort of
a mini-signature) inside the encrypted message to alert the user if
the message was tampered with.

That warning message means that the message you received did not have
integrity protection enabled.  PGP 7 does not generate messages with
integrity protection, though it does understand them when a GnuPG user
sends messages to a PGP 7 user.

This feature is to help combat message modification attacks such as
the one given in

You can make the warning go away with --no-mdc-warning.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson