David Wagner wrote: > > Enzo Michelangeli wrote: > >OpenPGP tries to detect such "wrong key" situations for > >symmetrically-encrypted packets in a pretty simplistic way, [...] > > The repetition of 16 bits in the 80 bits of random data prefixed to > > the message allows the receiver to immediately check whether the > > session key is incorrect. > > This does not provide message integrity or message authentication. > It provides a much weaker property: If you've decrypted with the wrong > key, this will let you detect that fact. Padding also does that, of course. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
- Re: IBM press release - encryption and authenti... Rich Salz
- Re: IBM press release - encryption and auth... Bram Cohen
- Re: IBM press release - encryption and auth... Paul Crowley
- Re: IBM press release - encryption and authenticatio... Steven M. Bellovin
- Re: IBM press release - encryption and authenti... Enzo Michelangeli
- Re: IBM press release - encryption and auth... Nikita Borisov
- Re: IBM press release - encryption and ... Bram Cohen
- Re: IBM press release - encryption and ... Enzo Michelangeli
- Re: IBM press release - encryption ... David Wagner
- Re: IBM press release - encryp... Enzo Michelangeli
- Re: Re: IBM press release - en... Ben Laurie
- Re: Re: IBM press release - encryption and authentic... sao19677
- Re: IBM press release - encryption and authenticatio... Nikita Borisov
- Re: IBM press release - encryption and authenticatio... William Allen Simpson
- Re: IBM press release - encryption and authenti... David Wagner
- Re: IBM press release - encryption and auth... William Allen Simpson
