Re: Anybody know details about Schneier's "flaw"?
Carl Ellison <cme@acm.org> Sat, 17 August 2002 12:56 UTC
Date: Sat, 17 Aug 2002 05:42:29 -0700
To: ietf-openpgp@imc.org
From: Carl Ellison <cme@acm.org>
Subject: Re: Anybody know details about Schneier's "flaw"?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 03:13 AM 8/16/2002 +0100, Adam Back wrote:
>Also the attack for those who haven't read the paper is really
>low-tech. They're just observing that if you can ask someone to
>decrypt a message you can use that to decrypt related messages. So
>you intentionally garble a message, and hope the user sends you the
>garbled plaintext back to you to ask what went wrong. The rest
>falls out of the fact that if you garble a few bits of a ciphertext
>most of the plaintext will still be intact.

Y'know, there's an even simpler attack with the same premise.

You intercept an encrypted e-mail from Alice to Bob. You take the
mail body out of the message and send that body to Bob under your
e-mail address (or under some address you control that Bob might
mistake for Alice's, which would be even better). Bob decrypts the
message and replies to it, including the original message body by
default.

The mistake here, on Bob's part, is to reply to a message without
paying attention to the e-mail address being used -- rather than
replying to a message with quoted garbage rather than just saying
"that was garbage -- send again".

- Carl

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQA/AwUBPV5EtHPxfjyW5ytxEQI12ACg3NB4hVzj9Og2VB0dpz6CNtdv9IUAniTD
AK7BRrNff1maSKf+z/RzYkcV
=nq3Z
-----END PGP SIGNATURE-----

+------------------------------------------------------------------+
|Carl M. Ellison cme@acm.org http://world.std.com/~cme             |
| PGP: 75C5 1814 C3E3 AAA7 3F31 47B9 73F1 7E3C 96E7 2B71           |
+---Officer, arrest that man. He's whistling a copyrighted song.---+
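
Added example, not part of the original message: a reply guard a mail client could apply so that decrypted text is quoted back only to the party whose signature verified, which is the check the message above says Bob skipped. The address book, the sample addresses and all function names are assumptions made for illustration.

```python
from email.message import EmailMessage
from email.utils import getaddresses

# Constructed address book (assumption): display name -> address Bob has on file.
ADDRESS_BOOK = {"alice": "alice@example.org"}

def reply_targets(msg):
    """Addresses a default reply would go to; Reply-To overrides From."""
    hdrs = msg.get_all("Reply-To") or msg.get_all("From") or []
    pairs = getaddresses([str(h) for h in hdrs])
    return [(name.strip().lower(), addr.lower()) for name, addr in pairs]

def quote_decision(msg, was_encrypted, verified_signer=None):
    """Decide whether decrypted text may be quoted in the reply.

    verified_signer is the address bound to a valid signature found inside
    the decrypted message, or None. Returns (allow, reason)."""
    if not was_encrypted:
        return True, "not encrypted"
    targets = reply_targets(msg)
    if not targets:
        return False, "no reply address"
    signer = (verified_signer or "").lower()
    for name, addr in targets:
        on_file = ADDRESS_BOOK.get(name)
        if on_file and on_file != addr:  # familiar name, unfamiliar address
            return False, "display name does not match address on file"
        if addr != signer:  # a re-sent body still carries the original signer
            return False, "reply target is not the verified signer"
    return True, "reply goes only to the verified signer"

def build_reply(msg, plaintext, was_encrypted, verified_signer=None):
    """Build the reply, dropping the quoted plaintext when the check fails."""
    allow, reason = quote_decision(msg, was_encrypted, verified_signer)
    reply = EmailMessage()
    reply["To"] = ", ".join(addr for _, addr in reply_targets(msg))
    reply["Subject"] = "Re: " + msg.get("Subject", "")
    if allow:
        reply.set_content("".join("> " + l + "\n" for l in plaintext.splitlines()))
    else:
        reply.set_content("That message could not be handled -- send again.\n")
    return reply, reason

def received(from_hdr):
    """Constructed sample: an encrypted mail as Bob's client would see it."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = from_hdr, "bob@example.org", "plans"
    return m
```

A signature made before encryption does not help on its own here: the re-sent body still verifies as Alice's, so the guard compares the signer with the address the reply would actually go to.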