Re: secure sign & encrypt
disastry@saiknes.lv Thu, 23 May 2002 17:34 UTC
Received: from above.proper.com (mail.imc.org [208.184.76.43]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA19480 for <openpgp-archive@odin.ietf.org>; Thu, 23 May 2002 13:34:35 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id g4NHQB508963 for ietf-openpgp-bks; Thu, 23 May 2002 10:26:11 -0700 (PDT)
Received: from nekas.saiknes.lv (root@nekas.saiknes.lv [195.2.103.13]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4NHQ9L08959 for <ietf-openpgp@imc.org>; Thu, 23 May 2002 10:26:10 -0700 (PDT)
Received: from saiknes.lv (hackserv.saiknes.lv [195.2.103.8]) by nekas.saiknes.lv (8.11.4/8.11.4) with ESMTP id g4NHQAR18650 for <ietf-openpgp@imc.org>; Thu, 23 May 2002 19:26:10 +0200
Message-ID: <3CED262D.657EB83F@saiknes.lv>
Date: Thu, 23 May 2002 19:26:05 +0200
From: disastry@saiknes.lv
X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
X-Accept-Language: en,lv,ru
MIME-Version: 1.0
To: ietf-openpgp@imc.org
Subject: Re: secure sign & encrypt
References: <3CED0510.A968E4DC@saiknes.lv>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 disastry wrote: > fake pubkey encryption packets can be added > by man in the middle so that recipient thinks that message was encrypted > to him and to other preson. > > I wrote about it here: > http://lists.gnupg.org/pipermail/gnupg-devel/2001-August/006285.html I think this can be solved by modifying Sym. Encrypted Integrity Protected Data Packet (Tag 18). Now it is: version byte == 1 encrypted data encrypted data consists of: encrypted iv encrypted plaintext encrypted Modification Detection Code Packet (Tag 19) I suggest: version byte == 2 encrypted data encrypted data consists of: encrypted iv encrypted Recipients packet (Tag 20) (put it before plaintext - if it would be after it would be difficult to find where plaintext ends, when decrypting) encrypted plaintext encrypted Modification Detection Code Packet (Tag 19) Recipients packet version byte == 1 number of recipients, 2 bytes (should be enough..) number_of_recipients*20 byte list of fingerprints recipient keys (16 byte RSA v3 key fingerprints are appended with 4 zeros (or maybe with 4 lowest keyid bytes? I think, it's even better)) this ensures that recipient list is intact not only for signed & encrypted messages but also for encrypted only messages. __ Disastry http://disastry.dhs.org/ -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1 iQA/AwUBPO0JwDBaTVEuJQxkEQMORgCg/j0R2RUf830eylTBm6zdeAmt76YAnA8p sqW+9RNiC+62SMx6KSu/waDu =nqXN -----END PGP SIGNATURE-----
- secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Peter Gutmann
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt David P. Kemp
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Dominikus Scherkl
- Re: secure sign & encrypt disastry
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt disastry
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Peter Gutmann
- Re: secure sign & encrypt Michael Young
- Re: secure sign & encrypt Paul Hoffman / IMC
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Brian M. Carlson
- Re: secure sign & encrypt Jon Callas
- Re: secure sign & encrypt Adrian 'Dagurashibanipal' von Bidder
- RE: secure sign & encrypt john.dlugosz
- RE: secure sign & encrypt Terje Braaten