MUA option "encrypt to self" weakness in certain situations?

Atom 'Smasher' atom-gpg at suspicious.org
Mon Apr 26 17:49:25 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 25 Apr 2004, Malte Gell wrote:
> This could mean that if someone (=recipient) uses a long key it may be
> rendered "useless" without intention if the sender has a short(er) key
> and uses such an "encrypt to self" option in his MUA. Is this thought
> correct?
=====================================

correct. this is the case *anytime* multiple recipients are specified, not
only the case of encrypt-to-self. if an attacker wants to know the session
key, they can attack the "weakest" public key that a message is encrypted to.

as i understand it, the public key implementations do not help an
attacker compute another private key, used in the same message.

part of the security of ANY encryption scheme depends not just on how
secure/paranoid ~you~ are, but also how secure/paranoid is the person
you're communicating with. a mistake on *their* end can cause *your*
secrets to not be secret.


	...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
 -------------------------------------------------

	"When one tries to rise above Nature one is
	 liable to fall below it."
		-- Sherlock Holmes (Arthur Conan Doyle)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish?  -  http://atom.smasher.org/links/#digital_signatures

iEYEARECAAYFAkCNL4wACgkQnCgLvz19QeNacgCeKEJp86xOl9o9RiV2/Zh1G7US
mW8An2XUqNRe5PjyyWq57z/qUgJmQqLg
=TeOg
-----END PGP SIGNATURE-----
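
Added example, not part of the original message: a sender-side check that reads a packet listing of an encrypted message and reports the weakest key the session key was wrapped to. It assumes the text layout printed by `gpg --list-packets`; the sample listing, the key IDs, the 2048-bit threshold and the function names are constructed for illustration.

```python
import re

# Constructed sample in the layout of `gpg --list-packets`; key IDs are made up.
SAMPLE = """\
:pubkey enc packet: version 3, algo 1, keyid AAAAAAAAAAAAAAAA
\tdata: [4095 bits]
:pubkey enc packet: version 3, algo 16, keyid BBBBBBBBBBBBBBBB
\tdata: [1022 bits]
\tdata: [1024 bits]
:encrypted data packet:
\tlength: unknown
"""

PKESK = re.compile(r"^:pubkey enc packet: version \d+, algo (\d+), keyid ([0-9A-Fa-f]+)")
DATA = re.compile(r"^\s+data: \[(\d+) bits\]")
# OpenPGP algorithm IDs (RFC 4880) whose ciphertext MPI size tracks the key size.
SIZED_ALGOS = {1: "RSA", 2: "RSA", 16: "ElGamal"}


def recipients(listing):
    """Return one dict per public-key encrypted session key packet."""
    found, current = [], None
    for line in listing.splitlines():
        m = PKESK.match(line)
        if m:
            current = {"keyid": m.group(2).upper(), "algo": int(m.group(1)), "bits": 0}
            found.append(current)
            continue
        d = DATA.match(line)
        if d and current is not None:
            # Heuristic: the ciphertext MPI is never longer than the modulus,
            # so round up to a multiple of 64 to estimate the key size.
            est = -(-int(d.group(1)) // 64) * 64
            current["bits"] = max(current["bits"], est)
        elif line.startswith(":"):
            current = None  # a different packet type starts here
    return found


def weakest(listing, min_bits=2048):
    """Return (weakest recipient, recipients estimated below min_bits)."""
    sized = [r for r in recipients(listing) if r["algo"] in SIZED_ALGOS]
    if not sized:
        return None, []
    low = min(sized, key=lambda r: r["bits"])
    return low, [r for r in sized if r["bits"] < min_bits]


if __name__ == "__main__":
    print(weakest(SAMPLE))
```

The size is an estimate taken from the ciphertext alone; looking the key ID up in the keyring gives the exact key length.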


