RE: secure sign & encrypt
Terje Braaten <Terje.Braaten@concept.fr> Thu, 23 May 2002 20:21 UTC
Received: from above.proper.com (mail.imc.org [208.184.76.43]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA25697 for <openpgp-archive@odin.ietf.org>; Thu, 23 May 2002 16:21:04 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id g4NKC1S13245 for ietf-openpgp-bks; Thu, 23 May 2002 13:12:01 -0700 (PDT)
Received: from csexch.Conceptfr.net (mail.concept-agresso.com [194.250.222.1]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4NKBxL13238 for <ietf-openpgp@imc.org>; Thu, 23 May 2002 13:11:59 -0700 (PDT)
Received: by csexch.Conceptfr.net with Internet Mail Service (5.5.2653.19) id <LPCP1MVW>; Thu, 23 May 2002 22:09:26 +0200
Message-ID: <1F4F2D8ADFFCD411819300B0D0AA862E29ABF5@csexch.Conceptfr.net>
From: Terje Braaten <Terje.Braaten@concept.fr>
To: 'Derek Atkins' <warlord@mit.edu>, disastry@saiknes.lv
Cc: ietf-openpgp@imc.org
Subject: RE: secure sign & encrypt
Date: Thu, 23 May 2002 22:09:25 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by above.proper.com id g4NKC0L13239
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 8bit
Derek Atkins <warlord@mit.edu> wrote: > > This doesn't help. Any recipient could re-encrypt the message and > change the list of encrypted recipients. > Sure it helps against the man in the middle that disastry wanted to protect against. Any recipient of an encrypted message can do what he like with it anyway, so no of course it does not help against any unfaithful recipient. -- Terje BrĂ¥ten > > disastry wrote: > > > fake pubkey encryption packets can be added > > > by man in the middle so that recipient thinks that > message was encrypted > > > to him and to other preson. > > > > > > I wrote about it here: > > > > http://lists.gnupg.org/pipermail/gnupg-devel/2001-August/006285.html > > > > I think this can be solved by modifying > > Sym. Encrypted Integrity Protected Data Packet (Tag 18). > > > > Now it is: > > > > version byte == 1 > > encrypted data > > > > encrypted data consists of: > > encrypted iv > > encrypted plaintext > > encrypted Modification Detection Code Packet (Tag 19) > > > > I suggest: > > > > version byte == 2 > > encrypted data > > > > encrypted data consists of: > > encrypted iv > > encrypted Recipients packet (Tag 20) > > (put it before plaintext - if it would be after it would > > be difficult to find where plaintext ends, when decrypting) > > encrypted plaintext > > encrypted Modification Detection Code Packet (Tag 19) > > > > Recipients packet > > version byte == 1 > > number of recipients, 2 bytes (should be enough..) > > number_of_recipients*20 byte list of fingerprints recipient keys > > (16 byte RSA v3 key fingerprints are appended with 4 zeros > > (or maybe with 4 lowest keyid bytes? I think, it's > even better)) > > > > > > this ensures that recipient list is intact not only for > signed & encrypted messages > > but also for encrypted only messages. > > > > __ > > Disastry http://disastry.dhs.org/ > > -- > Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory > Member, MIT Student Information Processing Board (SIPB) > URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH > warlord@MIT.EDU PGP key available >
- secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt vedaal
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Hal Finney
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Jon Callas
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Peter Gutmann
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt David P. Kemp
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Matthew Byng-Maddick
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Dominikus Scherkl
- RE: secure sign & encrypt Dominikus Scherkl
- Re: secure sign & encrypt disastry
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt disastry
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Derek Atkins
- Re: secure sign & encrypt Derek Atkins
- RE: secure sign & encrypt Terje Braaten
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Peter Gutmann
- Re: secure sign & encrypt Michael Young
- Re: secure sign & encrypt Paul Hoffman / IMC
- RE: secure sign & encrypt Terje Braaten
- Re: secure sign & encrypt Brian M. Carlson
- Re: secure sign & encrypt Jon Callas
- Re: secure sign & encrypt Adrian 'Dagurashibanipal' von Bidder
- RE: secure sign & encrypt john.dlugosz
- RE: secure sign & encrypt Terje Braaten