Encrypted file-size approximation with multiple recipients

Tim Chase gnupg at tim.thechases.com
Thu Apr 10 23:18:21 CEST 2014


On 2014-04-07 00:05, Daniel Kahn Gillmor wrote:
> It sounds to me like you might be setting up some sort of automated
> encrypted JSON message-passing scheme.  If so, you should be aware
> that if any of the encrypted JSON could be controlled by an
> attacker, that attacker could possibly learn information about the
> other parts of the message that are not controlled by them when
> using compression, just by inspecting the size of the traffic.

Thanks for the heads-up.  If I understand you (after some further
reading on CRIME attacks), this only is an issue in the event that a
3rd party is injecting content into the requests and then able to
see the resulting encrypted data. In my use-case, the encrypting party
is in control of the entire message (modulo some metadata controlled
by my wrapping app, including nothing from other parties) so such a
CRIME attack would have to be self-inflicted, and yield unsurprising
results because it would reveal message content they already possess.

Thanks,

-Tim
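
The following is an added illustration of the size leak discussed in this exchange; it is not code from either poster or from GnuPG. It assumes the observer sees only ciphertext length, modeled here as the length of the (optionally compressed) plaintext plus a constant, and all field names and values are constructed.

```python
import json
import zlib

# Constructed sample data; field names and values are hypothetical.
SECRET = "7f3a9c1e5b2d4680a1c3e5f7092b4d6e"
MATCHING = SECRET                                   # third-party value equal to the secret
NON_MATCHING = "Zq8LmXw2RtYv5KpNh3JsGd6BcFu9Ea1T"   # same length, different bytes


def observed_size(plaintext, compress):
    """Length of what would be handed to the cipher. Assumption: encryption
    adds the same constant overhead to every message, so it is omitted."""
    return len(zlib.compress(plaintext, 9)) if compress else len(plaintext)


def mixed_message(untrusted):
    """Secret and third-party content serialized into one JSON document,
    so both share a single compression context."""
    doc = {"session_token": SECRET, "comment": untrusted}
    return json.dumps(doc, sort_keys=True).encode()


def secret_only_message():
    """The secret serialized on its own, with no third-party content."""
    return json.dumps({"session_token": SECRET}).encode()


def size_gap(compress):
    """Observed size difference between a non-matching and a matching
    third-party value in the mixed message. Non-zero means size leaks."""
    return (observed_size(mixed_message(NON_MATCHING), compress)
            - observed_size(mixed_message(MATCHING), compress))


def isolated_gap():
    """Same comparison when the secret is compressed separately: the
    third-party value never enters the secret's compression context."""
    size = observed_size(secret_only_message(), True)
    return size - size  # independent of the third-party value by construction


if __name__ == "__main__":
    print("mixed, compressed   :", size_gap(True))    # > 0: size depends on the match
    print("mixed, uncompressed :", size_gap(False))   # 0: equal-length inputs, equal size
    print("secret isolated     :", isolated_gap())    # 0
```

With GnuPG, the uncompressed case corresponds to encrypting with `--compress-algo none`; the isolated case corresponds to the situation Tim describes, where no other party contributes content to the message.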




