how vulnerable is "hidden-encrypt-to"

Hauke Laging mailinglisten at hauke-laging.de
Sat Aug 18 16:48:22 CEST 2012


Am Sa 18.08.2012, 10:36:21 schrieb Daniel Kahn Gillmor:

> It's worth observing that you can still detect the algorithm used and
> the size of the key, even when the keyid is all zeros.  So if someone
> has a particularly unusual key size (or is an early adopter of an
> unusual key type, like ECC), the pool of possible known recipients could
> actually be pretty small.
> 
> And it's also possible to rule out a given person as an intended
> recipient, e.g. if they have a 2048-bit RSA key and the ESK packet
> targets 4096-bit el gamal.

I think these hints should be added to the documentation.


Hauke
-- 
☺
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20120818/7fa7bf31/attachment.pgp>


More information about the Gnupg-users mailing list