the following demonstration of an incompatiblity in symmetric encryption
was reported in alt.security.pgp:
----- Original Message -----
From: "Falissard" <th(_dot_)falissard(_at_)etic(_dot_)fr>
Newsgroups: alt.security.pgp,comp.security.pgp.tech
Sent: Monday, March 31, 2003 4:24 PM
Subject: GnuPG (good) and PGP (bad) encryption
For specialists only...
Here is one case where PGP is not as clever as GnuPG...
The following conventionally encrypted data
decrypts well with GnuPG, ** not ** with PGP ("bad packet").
The passphrase is "test".
Nothing special here regarding algorithms (Cast5 + MD5).
The thing that I suspect is that PGP does not always
accept packets with indeterminate length, while
it's OK for GnuPG.
(I deliberately encrypted a compressed
packet with indeterminate length.)
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.0.6 (MingW32)
Comment: For info see http://www.gnupg.org
wwQEAwAByf8AAAAyEXrKTVH2DEz0lKVsP6ZpFJySpLkH+ha6WY3EXlj7Phjgdm0c
cRg0WUWFpllUCMJqzPk=
=hHJq
-----END PGP MESSAGE-----
is the 'indeterminate packet length' issue a contrived exception, that
would not be expected to occur with ordinary use,
or is it something that needs to be addressed?
tia,
vedaal
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Big $$$ to be made with the HushMail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427