Re: secure sign & encrypt
Derek Atkins <warlord@mit.edu> Thu, 23 May 2002 18:54 UTC
Received: from above.proper.com (mail.imc.org [208.184.76.43]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA22880 for <openpgp-archive@odin.ietf.org>; Thu, 23 May 2002 14:54:35 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id g4NIlYu11003 for ietf-openpgp-bks; Thu, 23 May 2002 11:47:34 -0700 (PDT)
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4NIlWL10999 for <ietf-openpgp@imc.org>; Thu, 23 May 2002 11:47:32 -0700 (PDT)
Received: from central-city-carrier-station.mit.edu (CENTRAL-CITY-CARRIER-STATION.MIT.EDU [18.7.7.72]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id OAA27966; Thu, 23 May 2002 14:47:33 -0400 (EDT)
Received: from manawatu-mail-centre.mit.edu (MANAWATU-MAIL-CENTRE.MIT.EDU [18.7.7.71]) by central-city-carrier-station.mit.edu (8.9.2/8.9.2) with ESMTP id OAA15198; Thu, 23 May 2002 14:47:32 -0400 (EDT)
Received: from gorf.mit.edu (GORF.MIT.EDU [18.18.1.77]) by manawatu-mail-centre.mit.edu (8.9.2/8.9.2) with ESMTP id OAA12253; Thu, 23 May 2002 14:47:32 -0400 (EDT)
Received: (from warlord@localhost) by gorf.mit.edu (8.9.3) id OAA17645; Thu, 23 May 2002 14:47:32 -0400
To: disastry@saiknes.lv
Cc: ietf-openpgp@imc.org
Subject: Re: secure sign & encrypt
References: <3CED0510.A968E4DC@saiknes.lv> <3CED262D.657EB83F@saiknes.lv>
From: Derek Atkins <warlord@mit.edu>
Date: Thu, 23 May 2002 14:47:27 -0400
In-Reply-To: <3CED262D.657EB83F@saiknes.lv>
Message-ID: <sjmy9ea1z28.fsf@gorf.mit.edu>
Lines: 60
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
This doesn't help. Any recipient could re-encrypt the message and change the list of encrypted recipients. -derek disastry@saiknes.lv writes: > disastry wrote: > > fake pubkey encryption packets can be added > > by man in the middle so that recipient thinks that message was encrypted > > to him and to other preson. > > > > I wrote about it here: > > http://lists.gnupg.org/pipermail/gnupg-devel/2001-August/006285.html > > I think this can be solved by modifying > Sym. Encrypted Integrity Protected Data Packet (Tag 18). > > Now it is: > > version byte == 1 > encrypted data > > encrypted data consists of: > encrypted iv > encrypted plaintext > encrypted Modification Detection Code Packet (Tag 19) > > I suggest: > > version byte == 2 > encrypted data > > encrypted data consists of: > encrypted iv > encrypted Recipients packet (Tag 20) > (put it before plaintext - if it would be after it would > be difficult to find where plaintext ends, when decrypting) > encrypted plaintext > encrypted Modification Detection Code Packet (Tag 19) > > Recipients packet > version byte == 1 > number of recipients, 2 bytes (should be enough..) > number_of_recipients*20 byte list of fingerprints recipient keys > (16 byte RSA v3 key fingerprints are appended with 4 zeros > (or maybe with 4 lowest keyid bytes? I think, it's even better)) > > > this ensures that recipient list is intact not only for signed & encrypted messages > but also for encrypted only messages. > > __ > Disastry http://disastry.dhs.org/ -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH warlord@MIT.EDU PGP key available
- secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Peter Gutmann
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt David P. Kemp
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Dominikus Scherkl
- Re: secure sign & encrypt disastry
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt disastry
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Peter Gutmann
- Re: secure sign & encrypt Michael Young
- Re: secure sign & encrypt Paul Hoffman / IMC
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Brian M. Carlson
- Re: secure sign & encrypt Jon Callas
- Re: secure sign & encrypt Adrian 'Dagurashibanipal' von Bidder
- RE: secure sign & encrypt john.dlugosz
- RE: secure sign & encrypt Terje Braaten