Re: [openpgp] AEAD Chunk Size

Werner Koch <wk@gnupg.org> Tue, 19 March 2019 07:35 UTC

From: Werner Koch <wk@gnupg.org>
To: Bill Frantz <frantz@pwpconsult.com>
Cc: openpgp@ietf.org
References: <r480Ps-10143i-149CE78B9B3A43A29B3D767B6660A08D@Williams-MacBook-Pro.local>
Organisation: GnuPG e.V.
Mail-Followup-To: Bill Frantz <frantz@pwpconsult.com>, openpgp@ietf.org
Date: Tue, 19 Mar 2019 08:30:22 +0100
In-Reply-To: <r480Ps-10143i-149CE78B9B3A43A29B3D767B6660A08D@Williams-MacBook-Pro.local> (Bill Frantz's message of "Mon, 18 Mar 2019 14:11:41 -0700")
Message-ID: <87r2b348z5.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Mahmoud_Ahmadinejad_dictionary_PPP_rhost_COSMOS_Cartel_de_Golfo_NATI"; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SWf6eJKGhXrDbj8tTMPJHVIV4gU>
Subject: Re: [openpgp] AEAD Chunk Size
Precedence: list

On Mon, 18 Mar 2019 14:11, frantz@pwpconsult.com said:

> To protect against truncation attacks you can borrow an idea from the
> database people and not commit your changes until you have a complete
> message.

Right.  And you need to do that anyway because authenticated encryption
doesn't tell you anything about the origin of the message and thus you
need to check the signature of the message after it has been completely
decrypted (at least with OpenPGP and CMS).  Anyone can send malicious
content and AE doesn't protect against processsing such content.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Attachment: signature.asc

Re: [openpgp] AEAD Chunk Size Justus Winter
[openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Vincent Breitmoser
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Ronald Tse
Re: [openpgp] AEAD Chunk Size Ronald Tse
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Hanno Böck
Re: [openpgp] AEAD Chunk Size - Performance Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size - Performance Bart Butler
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size brian m. carlson
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size - Performance Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Sebastian Schinzel
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Werner Koch
Re: [openpgp] AEAD Chunk Size Vincent Breitmoser
Re: [openpgp] AEAD Chunk Size Sebastian Schinzel
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Werner Koch
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Werner Koch
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Vincent Breitmoser
Re: [openpgp] AEAD Chunk Size Peter Pentchev
Re: [openpgp] AEAD Chunk Size Vincent Breitmoser
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Vincent Breitmoser
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Vincent Breitmoser
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Bill Frantz
[openpgp] WTF (Re: AEAD Chunk Size) Andre Heinecke
Re: [openpgp] AEAD Chunk Size Werner Koch
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Werner Koch
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Marcus Brinkmann
Re: [openpgp] AEAD Chunk Size Nickolay Olshevsky
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Tobias Mueller
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Bill Frantz
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Marcus Brinkmann
Re: [openpgp] AEAD Chunk Size Bill Frantz
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Peter Gutmann
Re: [openpgp] AEAD Chunk Size Peter Gutmann
Re: [openpgp] AEAD Chunk Size Peter Gutmann
Re: [openpgp] AEAD Chunk Size Peter Gutmann
Re: [openpgp] AEAD Chunk Size Bill Frantz
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Marcus Brinkmann
Re: [openpgp] AEAD Chunk Size Marcus Brinkmann
Re: [openpgp] AEAD Chunk Size Peter Gutmann
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Peter Gutmann
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Wyllys Ingersoll
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size brian m. carlson
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Benjamin Kaduk
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Benjamin Kaduk
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Peter Gutmann
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Benjamin Kaduk
Re: [openpgp] AEAD Chunk Size Conrado P. L. Gouvêa
Re: [openpgp] AEAD Chunk Size Conrado P. L. Gouvêa
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Neal H. Walfield
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Jon Callas
Re: [openpgp] AEAD Chunk Size Heiko Stamer
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Bart Butler
Re: [openpgp] AEAD Chunk Size Derek Atkins
Re: [openpgp] AEAD Chunk Size Werner Koch
Re: [openpgp] AEAD Chunk Size Benjamin Kaduk
Re: [openpgp] [EXT] Re: AEAD Chunk Size Neil Hunsperger

Re: [openpgp] AEAD Chunk Size

Attachment: signature.asc