Re: secure sign & encrypt
"vedaal" <vedaal@hotmail.com> Tue, 21 May 2002 18:32 UTC
Received: from above.proper.com (mail.imc.org [208.184.76.43]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA23512 for <openpgp-archive@odin.ietf.org>; Tue, 21 May 2002 14:32:25 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id g4LIOSF01831 for ietf-openpgp-bks; Tue, 21 May 2002 11:24:28 -0700 (PDT)
Received: from hotmail.com (oe23.law3.hotmail.com [209.185.240.16]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4LIOQL01827 for <ietf-openpgp@imc.org>; Tue, 21 May 2002 11:24:26 -0700 (PDT)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 21 May 2002 11:24:19 -0700
X-Originating-IP: [207.127.12.210]
From: vedaal <vedaal@hotmail.com>
To: ietf-openpgp@imc.org
References: <1F4F2D8ADFFCD411819300B0D0AA862E29ABE3@csexch.Conceptfr.net><OE32bjKoMFYsDSzhxRz00000360@hotmail.com><sjmptzp7epw.fsf@kikki.mit.edu><OE46AW4eE2FGwQ21ju200000454@hotmail.com> <sjmhel15v2l.fsf@kikki.mit.edu>
Subject: Re: secure sign & encrypt
Date: Tue, 21 May 2002 14:20:45 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4807.1700
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700
Message-ID: <OE23IwQO3OhV84dqBHk00000629@hotmail.com>
X-OriginalArrivalTime: 21 May 2002 18:24:19.0023 (UTC) FILETIME=[B8AE0DF0:01C200F4]
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
----- Original Message ----- From: "Derek Atkins" <derek@ihtfp.com> To: "vedaal" <vedaal@hotmail.com> Cc: <ietf-openpgp@imc.org> Sent: Tuesday, May 21, 2002 12:23 PM Subject: Re: secure sign & encrypt > > Also, could the MDC be utilized to prevent such substitutions, by detecting > > alterations of any of the packets? > > No, because the MDC could be recreated as well. The MDC is tied to K > but has no signature associated with it to tie it to the actual > sender. It seems that one thing that is definitely different in a message that is sent as 'sign and encrypt', and one that is re-encrypting a signed message, is the time in which it is being done. An authentic 'sign and encrypt' message, has the signature and encryption done within seconds of each other. If there could be a packet added linking the time of encryption to the time of signing, {including elapsed time in seconds [or 0.00x seconds], and therefore not attackable by trying to re-set the re-encrypting computer to the time recorded in the original signed message.} and that packet tied to an MDC, it might serve as a means of detection of re-encrypted signed messages. It should be able to be done without affecting backward compatibility, and those using earlier implementations, could accomplish the same thing (if really necessary), by using [encrypt, sign & encrypt]. --just a thought, vedaal
- secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Peter Gutmann
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt David P. Kemp
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Dominikus Scherkl
- Re: secure sign & encrypt disastry
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt disastry
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Peter Gutmann
- Re: secure sign & encrypt Michael Young
- Re: secure sign & encrypt Paul Hoffman / IMC
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Brian M. Carlson
- Re: secure sign & encrypt Jon Callas
- Re: secure sign & encrypt Adrian 'Dagurashibanipal' von Bidder
- RE: secure sign & encrypt john.dlugosz
- RE: secure sign & encrypt Terje Braaten