Is it safe to rename file.gpg to `md5sum file`?

Robert J. Hansen rjh at sixdemonbag.org
Thu Dec 6 00:28:35 CET 2012


On 12/5/2012 6:10 PM, Max Parmer wrote:
> Here's my cite on the CAST weakness:
> http://www.schneier.com/paper-relatedkey.html

This falls squarely into the range of theoretical breaks.  Notice that
the attack requires 2**17 chosen plaintexts to all be encrypted with the
same symmetric key.  Since GnuPG uses disposable session keys, this is
pretty much completely irrelevant to GnuPG usage.




More information about the Gnupg-users mailing list