-----BEGIN PGP SIGNED MESSAGE-----
There was a recent paper,
<http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html>
describing a flaw in the sign and encrypt function of Open PGP.
the author assumes that is is possible for the recipient
to strip off the encryption from a signed and encrypted pgp message,
leaving only a verified signed message,
and that the ability to do this is ensured in the Open PGP Standard
{afaik} this can be done in pgp only when both the receiver and sender are
using RSA keys,
{can be done only from 2.6.x with the simple one step command:
pgp -da(filename)
which will leave an armored signed message in text form, with a signature
that verifies in any version of pgp
cannot be done in later command line versions of pgp, as the -d command,
will just decrypt, and not leave a signature,
the -b command will do the same.}
the people at sci.crypt seem to feel that as long as the program conforms
to pgp standards, such a separation is *do-able* for any key type, even if
a
custom program must be written to do this.
does anyone know of any way that this separation can be done for a message
signed and encrypted with a DH/dss key,
with pgp, gpg or any other program, and, is it, in-fact, guaranteed by the
Open PGP Standard, that it 'must' be so?
vedaal
-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt _ build 6 http://www.ipgpp.com/
Comment: { Acts of Kindness better the World, and protect the Soul }
Comment: KeyID: 0x6A05A0B785306D25
Comment: Fingerprint: 96A6 5F71 1C43 8423 D9AE 02FD A711 97BA
iQEVAwUBO0CixGoFoLeFMG0lAQFztgf+K+sHFg8bkf2LO4HAsm0sINs4bzBBSKCO
ctXYl75F3B+SrPW58DwvrdOGwkhO75O4vH9tjOzv7SQR+T9mCK0MQWcar3sYM+D9
GpCnFgq6o9HoBcgwr+cp90y2j1/UQPRrcOjh68EEQy1eXLEvNdz4ZjOgK3cootrK
CJSpq2+vX+ki9gRKnZ4LXfCxenNqdHGQkUxXwbBmoJgazeA/orvcNycBJ0CWvCdc
tw41Enm3jbFS5aWPmbk90XaCB9tr5R8cixCqvNGaXPKvefBFtwlZfUSQOcTOv4sW
23YFue0ITIpbru3GGQ6sYaJkSdNnFqKZ/sfSnNlJ0Rhu7Pxf3QJAMw==
=GP0y
-----END PGP SIGNATURE-----
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.263 / Virus Database: 135 - Release Date: 6/22/01