[Q] signing and encrypting, integrity

CL Gilbert Lamont_Gilbert@RigidSoftware.com
Wed Jul 9 19:32:10 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Lukasz Stelmach wrote:
| Greetings All!!!
|
| I have found an article in Dr. Dobb's Journal about <subj.>. There
| has been shown a problem of dependency between signed text and
| encryption. Let's assume we have three parties Alice, Bob
| and Charlie (A,B,C)
|
| * A,B,C are their public keys
| * a,b,c are their private keys (for signing)
| * {msg}A means "msg encrypted for Alice"
| * {msg}b means "msg signed by Bob"
|
| Now, there is a situation:
|
| {{msg}a}B
|
| Alice sends some secret data to Bob. Bob can decrypt the message
| and crypt it for Charlie as if it had been sent by Alice:
|
| {{msg}a}C
|
| which in fact is not true. There is no way for Charlie to
| know that Bob has anything to do with the message.
|
| If Alice has first encrypted and then signed the message
|
| {{msg}B}a
|
| Bob can't do the same trick. But this is not fully secure either.
| Now Charlie, if he knows what is in the message, can strip Alice's
| signature and give his own:
|
| {{msg}B}c
|
| and Bob may think Charlie is the author.
|
| There are several simple ways to walk around these problems. Alice may
| write:
|
| {{To: Bob, msg}a}B
|
| and Bob cannot send msg to Charlie and pretend that he has nothing
| to do with that message. The other case may be solved this way:
|
| {{msg, Wrote by Alice}B}a
|
| Now Bob knows that msg should have been signed by Alice, not by Charlie.
|
| In the article (I can't remember the issue now) mentioned above
| there were some other solutions too. My [Q] is now:
|
| Are there any "automatic" ways in GnuPG (open PGP) to avoid
| such situations?
|
| By.

I don't think this is a function of GNUPG as much as how you use it.  If
you want someone to know the message is from you, then you sign it.  If
you cannot trust the end user, then what's the point?

What this article is hinting at is called DRM.


- --
Thank you,


CL Gilbert
Free Java interface to Freechess.org
http://www.rigidsoftware.com/Chess/chess.html
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16

GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD  19AE 55B2 4CD7 80D2 0A2D
GNU Privacy Guard http://www.gnupg.org
Pretty Good Privacy (PGP) http://web.mit.edu/network/pgp.html, windows
users should try that.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/DFHjVbJM14DSCi0RAk4XAJ9i6qWWZxCHaPhW2cXRkqkcQYuYhQCfWxxK
yGehPtEJKh9M+59gmwmAEMk=
=pDP6
-----END PGP SIGNATURE-----
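
Added example, not part of the original thread and not GnuPG code: a symbolic Python model of the quoted notation, showing how a receiver-side check of the `To:` and `Wrote by` fields proposed in the question rejects both re-wrapped messages. The classes `Signed` and `Encrypted`, the field names `to` and `from`, and all function names are assumptions made for illustration; no real cryptography is performed.

```python
from dataclasses import dataclass

# Symbolic stand-ins for the thread's notation (assumed names, no real crypto).
# Convention of the model: a party only creates Signed(...) under its own name.
@dataclass(frozen=True)
class Signed:            # {body}a : body signed with the signer's private key
    body: object
    signer: str

@dataclass(frozen=True)
class Encrypted:         # {body}B : anyone can create it, only B can open it
    body: object
    recipient: str

def decrypt(env, me):
    if not isinstance(env, Encrypted) or env.recipient != me:
        raise ValueError(f"{me} cannot decrypt this")
    return env.body

def accept_sign_then_encrypt(env, me):
    """Check {{To: me, msg}signer}Me and return (signer, msg), else raise."""
    inner = decrypt(env, me)
    if not isinstance(inner, Signed) or inner.body.get("to") != me:
        raise ValueError("signed 'To' does not name me")
    return inner.signer, inner.body["msg"]

def accept_encrypt_then_sign(env, me):
    """Check {{msg, Wrote by X}Me}signer and return (signer, msg), else raise."""
    if not isinstance(env, Signed) or decrypt(env.body, me).get("from") != env.signer:
        raise ValueError("outer signer is not the author named inside")
    return env.signer, decrypt(env.body, me)["msg"]

def outcome(check, env, me):
    try:
        return check(env, me)
    except ValueError as err:
        return f"rejected: {err}"

def demo():
    signed = Signed({"to": "Bob", "msg": "secret"}, "Alice")    # {To: Bob, msg}a
    sealed = Encrypted({"from": "Alice", "msg": "idea"}, "Bob")  # {msg, Wrote by Alice}B
    return {
        "bob_case1": outcome(accept_sign_then_encrypt, Encrypted(signed, "Bob"), "Bob"),
        # Bob re-encrypts Alice's signed text for Charlie: {{To: Bob, msg}a}C
        "charlie_case1": outcome(accept_sign_then_encrypt, Encrypted(signed, "Charlie"), "Charlie"),
        "bob_case2": outcome(accept_encrypt_then_sign, Signed(sealed, "Alice"), "Bob"),
        # Charlie swaps in his own outer signature: {{msg, Wrote by Alice}B}c
        "bob_case2_swapped": outcome(accept_encrypt_then_sign, Signed(sealed, "Charlie"), "Bob"),
    }
```

Calling `demo()` returns the outcome of all four deliveries; the two re-wrapped messages come back as `rejected: ...` strings because the identity bound inside the inner layer no longer matches the outer one.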