10 Feb 2005
Today, cryptographers Serge Mister and Robert Zuccherato from Entrust
released a paper outlining an attack on the way OpenPGP does symmetric
cryptography. They have been kind enough to give the OpenPGP community
advance notice of their paper, and it is thus the subject of this CTO
Corner article, which I'm writing in cooperation with David Shaw of Gnu
Privacy Guard (GnuPG), Brian Smith of Hush Communications, Derek Atkins
of the OpenPGP Working Group, and Phil Zimmermann. In it, we'll discuss:

 - What this discovery means to OpenPGP users
 - Details of the attack and how it works
 - What software and standards developers are doing about it

We in the OpenPGP community feel strongly about the quality of our work
and appreciate the trust the world places in us. OpenPGP is arguably the
most used and most relied-upon cryptosystem for messages and files.
Consequently, it is our obligation to describe any problems with the
standard and proposed resolution of those problems.

Unsere Anschrift und Telefonnummer haben sich geaendert!
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Straße 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to