Re: Anybody know details about Schneier's "flaw"?

ietf-openpgp

Re: Anybody know details about Schneier's "flaw"?

2002-08-14 09:34:26


I think it's got too many odd things in it to require compression.
Basically it's a "if you let yourself get social engineered then
your crypto can be used against you" attack.

At 10:50 AM 8/14/2002 -0400, Derek Atkins wrote:

john(_dot_)dlugosz(_at_)kodak(_dot_)com writes:

> Does anybody know more about this?  Can a minor improvement to the new
> -bis draft fix it?

a) this only works if you do NOT compress your messages before you encrypt.
b) this only works if you do NOT sign the message AND you do NOT use an MDC

> --John

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Anybody know details about Schneier's "flaw"?, john . dlugosz Re: Anybody know details about Schneier's "flaw"?, Derek Atkins Re: Anybody know details about Schneier's "flaw"?, Rodney Thayer <= Re: Anybody know details about Schneier's "flaw"?, Derek Atkins Re: Anybody know details about Schneier's "flaw"?, Rodney Thayer Re: Anybody know details about Schneier's "flaw"?, Adam Back Re: Anybody know details about Schneier's "flaw"?, Carl Ellison Re: Anybody know details about Schneier's "flaw"?, Marc Mutz Re: Anybody know details about Schneier's "flaw"?, john . dlugosz Re: Anybody know details about Schneier's "flaw"?, Jon Callas Re: Anybody know details about Schneier's "flaw"?, Lutz Donnerhacke Re: Anybody know details about Schneier's "flaw"?, Dominikus Scherkl Re: Anybody know details about Schneier's "flaw"?, Adrian 'Dagurashibanipal' von Bidder

Previous by Date:	Re: Primary subkey subpacket, Timo Schulz
Next by Date:	Re: Anybody know details about Schneier's "flaw"?, Derek Atkins
Previous by Thread:	Re: Anybody know details about Schneier's "flaw"?, Derek Atkins
Next by Thread:	Re: Anybody know details about Schneier's "flaw"?, Derek Atkins
Indexes:	[Date] [Thread] [Top] [All Lists]