[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: security fixes (KDF, MDC->MAC)?
-----BEGIN PGP SIGNED MESSAGE-----
> Hello OpenPGP,
> Is there interest in fixing the security flaws discussed in the recent
> "security analysis" thread? -
> (1) the Integrity Protected Data and MDC Packets fail to stop Schneier et
> al's attack, because the ciphertext blocks can be pasted into a
> non-integrity protected packet (ie ciphertext from a tag 18 packet can be
> placed in a tag 9 packet, evading the MDC).
[...] Unlike the Symmetrically Encrypted Data Packet, no
special CFB resynchronization is done after encrypting this prefix
doesn't this prevent converting packet 18 to 9 ?
^----PGP 2.6.3ia-multi06 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes)
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1
-----END PGP SIGNATURE-----