ietf-openpgp
[Top] [All Lists]

V3 secret keys

2006-02-06 11:23:47

OK, I had to resort to reading the PGP 2 source to find out what was
going on here.

In essence its fairly simple, but is _definitely_ no explained by the I-D.

Firstly, v3 CFB does not use the IV in a standard way. Instead, what it
does instead is set the IV to all zeroes and then decrypt the IV and
throw away the result.

Secondly, as I think was correctly explained by someone here (but I
didn't get it, sorry), when "resynchronisation" occurs it means "set the
IV to the last 8 bytes of ciphertext".

Note that for any standard-sized key resynchronisation does _not_ occur,
so people who think they've implemented it from AC are in for a surprise
one day.

Obviously the I-D should be updated to reflect this (and clearly no-one
has ever implemented v3 keys from it).

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

<Prev in Thread] Current Thread [Next in Thread>