Re: Anybody know details about Schneier's "flaw"?

Rodney Thayer <rodney@tillerman.to> Fri, 16 August 2002 01:04 UTC

Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA21921 for <openpgp-archive@odin.ietf.org>; Thu, 15 Aug 2002 21:04:49 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id g7G0qNB06575 for ietf-openpgp-bks; Thu, 15 Aug 2002 17:52:23 -0700 (PDT)
Received: from yancey.pkiclue.com (IDENT:root@[209.172.115.117]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g7G0qLw06568 for <ietf-openpgp@imc.org>; Thu, 15 Aug 2002 17:52:21 -0700 (PDT)
Received: from ferg237.pkiclue.com (IDENT:root@[127.0.0.1]) by yancey.pkiclue.com (8.9.3/8.9.3) with ESMTP id RAA11428; Thu, 15 Aug 2002 17:52:01 -0700
Message-Id: <5.1.1.6.2.20020815174759.02572e28@127.0.0.1>
X-Sender: pkiclue@127.0.0.1
X-Mailer: QUALCOMM Windows Eudora Version 5.1.1
Date: Thu, 15 Aug 2002 17:49:00 -0700
To: Derek Atkins <derek@ihtfp.com>
From: Rodney Thayer <rodney@tillerman.to>
Subject: Re: Anybody know details about Schneier's "flaw"?
Cc: ietf-openpgp@imc.org
In-Reply-To: <sjm1y91wfh7.fsf@kikki.mit.edu>
References: <5.1.1.6.2.20020814093305.01451338@127.0.0.1> <OF94CAB39F.FCF0A0BA-ON86256C15.00507ACA@kodak.com> <OF94CAB39F.FCF0A0BA-ON86256C15.00507ACA@kodak.com> <5.1.1.6.2.20020814093305.01451338@127.0.0.1>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

my point was, requiring implementors to do compression sucks,
in my opinion.  this attack is insufficient justification.

the attack is a social engineering attack.  forcing implementors
to add onerous code to defend against it is not a good idea.

At 12:51 PM 8/14/2002 -0400, Derek Atkins wrote:

>Rodney Thayer <rodney@tillerman.to> writes:
>
> > I think it's got too many odd things in it to require compression.
>
>Indeed.. As I said (perhaps incoherently), the attack only works if
>you DO NOT compress.  If you compress the message then there is no way
>to XOR against the message.