Re: [openpgp] AEAD Chunk Size

On Tue, 19 Mar 2019 11:01:20 +0100,
Werner Koch wrote:

I agree with you that AEAD + signed chunks is even better.  But,
streaming AEAD still provides a significant improvement relative to
the status quo: it protects against EFAIL-style exfiltration attacks.


Neal: Please stop spreading false information.  Our MDC already protects
against this (old) kind of attack.  We implemented the new AE algorithms
merely for cryptographic cleanness and speed.


Thanks, I guess I've misunderstood the issue.  Can you please explain
how the MDC helps protect against ciphertext modification in the
streaming case, as that it still not clear to me.

Thanks!

:) Neal

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [openpgp] AEAD Chunk Size, (continued) Re: [openpgp] AEAD Chunk Size, Neal H. Walfield Re: [openpgp] AEAD Chunk Size, Tobias Mueller Re: [openpgp] AEAD Chunk Size, Vincent Breitmoser Re: [openpgp] AEAD Chunk Size, Peter Pentchev Re: [openpgp] AEAD Chunk Size, Vincent Breitmoser Re: [openpgp] AEAD Chunk Size, Neal H. Walfield Re: [openpgp] AEAD Chunk Size, Bill Frantz Re: [openpgp] AEAD Chunk Size, Werner Koch Re: [openpgp] AEAD Chunk Size, Neal H. Walfield Re: [openpgp] AEAD Chunk Size, Werner Koch Re: [openpgp] AEAD Chunk Size, Neal H. Walfield <= Re: [openpgp] AEAD Chunk Size, Tobias Mueller Re: [openpgp] AEAD Chunk Size, Vincent Breitmoser Re: [openpgp] AEAD Chunk Size, Vincent Breitmoser Re: [openpgp] AEAD Chunk Size, Neal H. Walfield Re: [openpgp] AEAD Chunk Size, Tobias Mueller Re: [openpgp] AEAD Chunk Size, Neal H. Walfield Re: [openpgp] AEAD Chunk Size, Neal H. Walfield Re: [openpgp] AEAD Chunk Size, Tobias Mueller Re: [openpgp] AEAD Chunk Size, Werner Koch Message not available Re: [openpgp] AEAD Chunk Size, Vincent Breitmoser