Re: secure sign & encrypt
Derek Atkins <warlord@mit.edu> Thu, 23 May 2002 20:30 UTC
To: Terje Braaten <Terje.Braaten@concept.fr>
Cc: OpenPGP <ietf-openpgp@imc.org>
Subject: Re: secure sign & encrypt
References: <1F4F2D8ADFFCD411819300B0D0AA862E29ABF4@csexch.Conceptfr.net>
From: Derek Atkins <warlord@mit.edu>
Date: Thu, 23 May 2002 16:21:50 -0400
In-Reply-To: <1F4F2D8ADFFCD411819300B0D0AA862E29ABF4@csexch.Conceptfr.net>
Message-ID: <sjmvg9ezkbl.fsf@gorf.mit.edu>
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>

Terje Braaten <Terje.Braaten@concept.fr> writes:

> Derek Atkins <warlord@MIT.EDU> wrote:
> > I'm not sure exactly what you mean when you say Alice saves a copy
> > of the session key... How does Alice get that key to Charlie? Also
> > keep in mind that the interior and exterior encryptions SHOULD be
> > using different session keys. So, I don't understand what you mean?
>
> She could send it to Charlie in a different mail, or add it on the outside
> of the signature (ES) packet before she encrypts and sends it to Charlie.
> And since she controls the building of the message, another solution
> would be that she could also use the same session key in the interior and
> exterior encryptions no matter what the protocol says should be done.

But then Charlie KNOWS that Alice did the dastardly deed. Moreover,
you'd need an extremely special reader to be able to read such a message,
because it would not be 2440-compliant.

> > Can you show the packets that Charlie sees? I don't see any way
> > to add a new ESK on the interior message without invalidating the
> > signature....
>
> Charlie sees after decrypting the first layer
> PreSig[Alice]{ESK [Bob] Enc { Literal { Message } } }PostSig[Alice]

Ok, can you show me the complete message Charlie receives (before he
decrypts the first layer)? Note that if Charlie sees this message, it
is quite clear that the message was meant for Bob alone.

> In addition he has, or can make ESK[Charlie]. This information he can
> claim he must have got from Bob, since he is the only original recipient.

How can Charlie insert an ESK[Charlie] and not invalidate the
signature?

> Terje Bråten

-derek

-- 
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available