Re: Chained Encrypted Data Packets?

1999-11-08 16:14:14
In <v04210100b44cd72f63dc(_at_)[204(_dot_)254(_dot_)20(_dot_)189]>, on 11/08/99 
   at 11:42 AM, Jon Callas <jon(_at_)callas(_dot_)org> said:

Is this a good idea? Should I allow this? Anyone, anyone, Implementers?

Note -- after this was suggested, I argued that nothing in 2440 forbids
someone from doing this. Should I specifically encourage it?


I don't have a problem with it so long as it is clearly documented.

I am assuming what they are doing is generating a symmetric key and then
encrypting the file in individual 512 byte sectors on the disk (assuming
the file system uses 512 byte sectors). I don't see a problem with this
other than the packet overhead from having multiple packets used to
encrypt a message.

How are they going to handle the padding if the data for the last packet
is smaller than their fixed length requirements (i.e. 10 bytes of data for a
512 byte packet)?

Date: Thu, 26 Nov 1998 15:14:38 +0100
From: Andrea Halter <awhalter(_at_)stud(_dot_)ee(_dot_)ethz(_dot_)ch>
Organization: Kuesnachter Schwimm-Verein
To: ietf-open-pgp(_at_)imc(_dot_)org
CC: Marcel Waldvogel <mwa(_at_)tik(_dot_)ee(_dot_)ethz(_dot_)ch>
Subject: Semantics of having multiple encrypted data packets

To provide for random read/write semantics, we would like to chain
multiple Symmetrically Encrypted Data Packets, each of constant length.
In RFC 2440, this is not listed as one of the message formats.

Therefore, we suppose that our approach is not standards compliant. But
does any of you see a better way to support random access without
re-encrypting the whole message each time? Will other implementations be
able to understand this? Could we even tweak the standard into this
direction (ignoring that we're a few weeks late)?

Andi, Marcel

William H. Geiger III            
Geiger Consulting    

Data Security & Cryptology Consulting
Programming, Networking, Analysis
PGP for OS/2:         