[Announce] Attack against OpenPGP encryption
Malte Gell
malte.gell at gmx.de
Fri Feb 11 17:23:48 CET 2005
On Friday 11 February 2005 02:00, David Shaw wrote:
> Last night, Serge Mister and Robert Zuccherato published a paper
> reporting on an attack against OpenPGP symmetric encryption.
> [...]
> There is a very good writeup on the attack that goes into more depth
> at http://www.pgp.com/library/ctocorner/openpgp.html
This is really amazing stuff. I just read their PDF and they make a
suggestion how a new kind of "quick check" could like like: adding the
hash of the symmetric key... I'm not a cryptologist, but this sounds
absolutely crazy, this would mean in the future the security of
symmetric encryption relies not only on the cipher, but on a hash
algorithm... regarding the recent discussions and rumours about hash
algorithms in general, is this really safer!?
Are there several different ideas what the new "quick check" could look
like or is there even already a consesus what it could look like?
Regards
Malte
More information about the Gnupg-users
mailing list