ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] AEAD Chunk Size

2019-03-19 02:35:34
from [Werner Koch] [Permanent Link] 
On Mon, 18 Mar 2019 14:11, frantz(_at_)pwpconsult(_dot_)com said:


To protect against truncation attacks you can borrow an idea from the
database people and not commit your changes until you have a complete
message.


Right.  And you need to do that anyway because authenticated encryption
doesn't tell you anything about the origin of the message and thus you
need to check the signature of the message after it has been completely
decrypted (at least with OpenPGP and CMS).  Anyone can send malicious
content and AE doesn't protect against processsing such content.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] Deprecating compression support, Jon Callas
Next by Date:  Re: [openpgp] AEAD Chunk Size, Neal H. Walfield
Previous by Thread:  Re: [openpgp] AEAD Chunk Size, Bill Frantz
Next by Thread:  Re: [openpgp] AEAD Chunk Size, Neal H. Walfield
Indexes:  [Date] [Thread] [Top] [All Lists]