message was not integrity protected
David Shaw
dshaw@jabberwocky.com
Mon Oct 14 16:02:02 2002
On Thu, Oct 10, 2002 at 02:31:13PM +0200, Heiko Teichmeier wrote:
> Hi list,
>
> I use gpg 1.1.91-nr1 with GnuPP 1.1. If I get a encrypted mail from a user
> with PGP 7.x. I can decrypt the message, but the I get the message
> "Warning: messsage was not integrity protected".
> How dangerous is this problem to trust the mail? What way exist to get a
> clean message - no failure?
GnuPG supports integrity protected messages which adds a hash (sort of
a mini-signature) inside the encrypted message to alert the user if
the message was tampered with.
That warning message means that the message you received did not have
integrity protection enabled. PGP 7 does not generate messages with
integrity protection, though it does understand them when a GnuPG user
sends messages to a PGP 7 user.
This feature is to help combat message modification attacks such as
the one given in http://www.counterpane.com/pgp-attack.html
You can make the warning go away with --no-mdc-warning.
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson