ietf-openpgp
[Top] [All Lists]

Re: Fixing the MDC language

2002-09-19 23:55:41

A couple of comments:

First, there is another typo I forgot to mention:

includes all of the plaintext, and then also includes two octets of values
0xD0, 0x14.  These represent the encoding of a Modification Detection Code

The D0 was from an older version of the draft when we were going to
use tag 16 for the MDC packet.  In fact we chose tag 19, so 0xD0 should
be 0xD3.

The other point:

The plaintext of the data to be encrypted is passed through the SHA-1 hash
function, and the result of the hash is appended to the plaintext in a
Modification Detection Code packet.  The input to the hash function includes
the prefix data described above which acts as a weakly keyed hash;

This last sentence is not quite correct, the prefix data per se does not
act as a weakly keyed hash.  It acts as the key to a sort of keyed hash.
But it's not really a normal keyed hash, because the key is usually kept
a lot more secret than our pseudo-IV.

In any case I don't really think we ought to mention this keyed-hash
stuff.  It's not necessary to an implementor, and as a shorthand for
some kind of security analysis it is too brief to be meaningful.  I'd
suggest removing the "which acts as..." clause entirely.

Hal

<Prev in Thread] Current Thread [Next in Thread>