Re: [openpgp] "OpenPGP Simple"
Peter Gutmann <pgut001@cs.auckland.ac.nz> Tue, 17 March 2015 08:18 UTC
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FE641A010E for <openpgp@ietfa.amsl.com>; Tue, 17 Mar 2015 01:18:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q-I1e9nkSsOj for <openpgp@ietfa.amsl.com>; Tue, 17 Mar 2015 01:18:12 -0700 (PDT)
Received: from mx2.auckland.ac.nz (mx2.auckland.ac.nz [130.216.125.245]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02C331A0105 for <openpgp@ietf.org>; Tue, 17 Mar 2015 01:17:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=uoa; t=1426580259; x=1458116259; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=dWdL3Z7SAZ5HU6txzJWJnXxxv3pOd4c5tzo5hLweZjw=; b=CPfD2jL+mMCrqEeZLlqERuhuuW7Unyc0ks5EtcbyTeIa3A2lYOwBDCVf fKNh8S5LwUh4N9dDzJySQOjulOXcb3/fi6YddeWtchw/McCQOi11E21LL dyUdUMDkrTBOiVRs6Gu6S3BYj9Uanu3oLoXaX53z+7rnO1iUqVf3PXLzN k=;
X-IronPort-AV: E=Sophos;i="5.11,415,1422874800"; d="scan'208";a="314410774"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 130.216.4.112 - Outgoing - Outgoing
Received: from uxchange10-fe1.uoa.auckland.ac.nz ([130.216.4.112]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES128-SHA; 17 Mar 2015 21:17:36 +1300
Received: from UXCN10-5.UoA.auckland.ac.nz ([169.254.5.82]) by uxchange10-fe1.UoA.auckland.ac.nz ([130.216.4.112]) with mapi id 14.03.0174.001; Tue, 17 Mar 2015 21:17:35 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] "OpenPGP Simple"
Thread-Index: AdBgitMQjfm+plu2RpuPH0dl7KWjRg==
Date: Tue, 17 Mar 2015 08:17:35 +0000
Message-ID: <9A043F3CF02CD34C8E74AC1594475C73AAFB3C04@uxcn10-5.UoA.auckland.ac.nz>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/U3OYOtL3zpn5zTSuOEro_k-ToqE>
Subject: Re: [openpgp] "OpenPGP Simple"
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Mar 2015 08:18:25 -0000
Jon Callas <jon@callas.org> writes: >But when you do, take into account that MDC pre-dates HMAC "Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG" was published at ISC'02, the MDC mechanism appeared in OpenPGP drafts around 2000-2001. "Keying Hash Functions for Message Authentication" dates from 1996, predating even the original OpenPGP spec (RFC 2440 from 1998, which doesn't mention MDC). >Standards are compromises, and a good compromise leaves everyone a bit >grumpy. Since those days, I’ve developed an affection for MDC because it sits >in a nether world where related concepts like deniable encryption that also >sound good until you think about them for long enough. See "The Order of Encryption and Authentication for Protecting Communications (Or: How Secure is SSL?)?" from Crypto'01. Peter.
- [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" David Leon Gil
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" David Leon Gil
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Tim Bray
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Nicholas Cole
- Re: [openpgp] "OpenPGP Simple" Phill
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Stephan Somogyi
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber