Re: [openpgp] OpenPGP encryption block modes

Peter Gutmann <pgut001@cs.auckland.ac.nz> Thu, 11 August 2022 11:44 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "brian m. carlson" <sandals@crustytoothpaste.net>, "openpgp@ietf.org" <openpgp@ietf.org>
Date: Thu, 11 Aug 2022 11:43:54 +0000
Message-ID: <SY4PR01MB625175407BE3744A482FBEDCEE649@SY4PR01MB6251.ausprd01.prod.outlook.com>
References: <YuFc+w02FiRQmHcg@watt.59.ca> <87bktajjvq.fsf@thinkbox> <YuKpxp0/Dy1DfC19@watt.59.ca> <875yjhjg2c.fsf@thinkbox> <87r124m64c.fsf@wheatstone.g10code.de> <YulX9jI1+wOCwLJq@ohm.59.ca> <Q6EUpbQm0e5f1OiU-77Old9p9FXyLCaFZ8pMm7PTt8VTLQJaXRQzWIDSwc3db6yI-56imyOaTNdt9TC8Zrm1jN_kPKxFYH4OqEu6o-Wfquo=@protonmail.com> <YuvlHdLz0Sfle7Ot@ohm.59.ca> <87a68ji1bv.fsf@wheatstone.g10code.de> <YvPGY8ArcKD7Hr1p@watt.59.ca> <YvQoC1g5rzKCfCVp@tapette.crustytoothpaste.net>
In-Reply-To: <YvQoC1g5rzKCfCVp@tapette.crustytoothpaste.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/JMxxiNlLiX0MLShQzgMDe_JPwto>
Subject: Re: [openpgp] OpenPGP encryption block modes

brian m. carlson <sandals@crustytoothpaste.net> writes:

>SHA-1 is no longer considered secure, and thus we can't assume that a SHA-1
>hash of the data intrinsically indicates that it hasn't been changed.

Except that the MDC is encrypted along with the plaintext, so you can't just
brute-force a collision.  Like the HMAC construct, even if the underlying hash
function is no longer secure the overall construct is a different matter.

Peter.
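The construct Peter is describing, as an added Go example (not code from this thread or from any OpenPGP implementation): the body of an RFC 4880 SEIPD (tag 18) packet, where the SHA-1 MDC is appended to the data and then encrypted together with it in AES-CFB with a zero IV, so the hash value itself is never exposed in the clear. The key, prefix and message are constructed values; a real encryptor draws the prefix block from crypto/rand.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha1"
	"crypto/subtle"
	"errors"
	"fmt"
)

const bs = aes.BlockSize

// sealSEIPDv1 builds an RFC 4880 SEIPD (tag 18) body: random prefix block, its last two
// bytes repeated, message, MDC packet (0xD3 0x14 + SHA-1 of all before), AES-CFB, zero IV.
func sealSEIPDv1(key, prefix, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(prefix) != bs {
		return nil, errors.New("bad key, or prefix is not exactly one block")
	}
	body := append(append([]byte{}, prefix...), prefix[bs-2], prefix[bs-1])
	body = append(append(body, msg...), 0xD3, 0x14) // MDC header is hashed too
	mdc := sha1.Sum(body)
	body = append(body, mdc[:]...) // the hash is encrypted along with the data
	cipher.NewCFBEncrypter(block, make([]byte, bs)).XORKeyStream(body, body)
	return body, nil
}

// openSEIPDv1 decrypts and recomputes the MDC; a wrong key or any change to the ciphertext is an error.
func openSEIPDv1(key, ct []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(ct) < bs+4+sha1.Size {
		return nil, errors.New("bad key, or ciphertext too short for prefix and MDC")
	}
	body := make([]byte, len(ct))
	cipher.NewCFBDecrypter(block, make([]byte, bs)).XORKeyStream(body, ct)
	n := len(body) - sha1.Size // the MDC is the final 20 bytes
	if sum := sha1.Sum(body[:n]); body[bs-2] != body[bs] || body[bs-1] != body[bs+1] ||
		body[n-2] != 0xD3 || body[n-1] != 0x14 || subtle.ConstantTimeCompare(sum[:], body[n:]) != 1 {
		return nil, errors.New("integrity check failed: wrong key or modified ciphertext")
	}
	return body[bs+2 : n-2], nil
}

func main() {
	ct, _ := sealSEIPDv1([]byte("0123456789abcdef"), []byte("ABCDEFGHIJKLMNOP"), []byte("hello openpgp"))
	ct[bs+2] ^= 0x01 // flip one bit of the encrypted message
	_, err := openSEIPDv1([]byte("0123456789abcdef"), ct)
	fmt.Println("after tampering:", err)
}
```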