Re: Klima/Rosa attack (was: Re: Diffs for next draft)
disastry@saiknes.lv Fri, 24 August 2001 17:00 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA09658 for <openpgp-archive@odin.ietf.org>; Fri, 24 Aug 2001 13:00:43 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id f7OGmJc24677 for ietf-openpgp-bks; Fri, 24 Aug 2001 09:48:19 -0700 (PDT)
Received: from HACKSERV.saiknes.lv (hackserv.saiknes.lv [195.2.103.8]) by above.proper.com (8.11.6/8.11.3) with SMTP id f7OGmHD24673 for <ietf-openpgp@imc.org>; Fri, 24 Aug 2001 09:48:17 -0700 (PDT)
Received: from saiknes.lv (unverified [127.0.0.1]) by 127.0.0.1 (EMWAC SMTPRS 0.83) with SMTP id <B0000079168@127.0.0.1>; Fri, 24 Aug 2001 17:43:14 +0200
Message-ID: <3B868422.A576C2D3@saiknes.lv>
Date: Fri, 24 Aug 2001 18:43:14 +0200
From: disastry@saiknes.lv
Organization: .NO.SPaM.NET
X-Mailer: Mozilla 4.78 [en] (Windows NT 5.0; U)
X-Accept-Language: en,lv,ru
MIME-Version: 1.0
To: ietf-openpgp@imc.org
Subject: Re: Klima/Rosa attack (was: Re: Diffs for next draft)
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Edwin Woudt wrote: > Jon Callas <jon@callas.org> replied: > > > > I think an S2K that includes a hash is only mildly hackish, myself. I'd > > support this. I'd even support an additional one that is merely salted > > with a hash. > > > I disagree. As Werner Koch already pointed out, the 'correct' solution is > to introduce version 5 of the secret key packet. I however do not think > that there is any real reason for introducing a v5 public key packet, given > that nothing changed for public key packets. > > Keeping v4 public key packets will make sure nothing is broken with regard > to exchanging public keys. Exchanging secret keys with older > implementations will be broken in both cases anyway, because of the new s2k > type. > > Edwin v5 seckey packet will broke seckey exchange with older versions, while new s2k not - it will still be possible to import seckey in older ver with aged workaround - unprotect them, export, import into older ver, protect again. == <EOF> == Disastry http://i.am/disastry/ http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon ^--GPG for Win32 (supports loadable modules and IDEA) ^---PGP 2.6.3ia-multi04 (supports IDEA, CAST5, BLOWFISH, TWOFISH, AES, 3DES ciphers and MD5, SHA1, RIPEMD160 hashes) -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1 iQA/AwUBO4ZntDBaTVEuJQxkEQMjSACg7AnKTW18uAAmrmiAqwysCU4WKkoAoNHq Cl75N3ysOGDYGqp5In6YJpbZ =/i+s -----END PGP SIGNATURE-----