On Sat, Dec 23, 2017 at 08:28 +0000, Trevor Perrin wrote:
> On Sat, Dec 23, 2017 at 12:23 AM, Vincent Breitmoser
> <look@my.amazin.horse> wrote:
> >> The recipient of this message will accept and use the incorrect
> >> gossiped keys for group replies, thus sending unreadable messages.
> >
> > I don't think that's right? Keys received directly take precedence over
> > gossip keys, so everyone who participates in the group and has sent at
> > least a single message, will no longer have his key overridden within
> > that group.
> 
> Sure, but anyone in the group who *hasn't* sent a recent message to
> all other group members is at risk of having their key overridden by
> an outsider.

If an outsider gets into people's inboxes with maliciously gossiped keys:

- to do any more than annoy people, the outsider
  also needs to be able to intercept messages to make
  use of injecting the keys

- any MUA that keeps track of when and from whom it 
  received keys could identify the outsider's interference
  (maybe with an additional out-of-band verification step
  with one of the "overriden" affected key holders)

IOW, how do you imagine this attack to practically
happen and have interesting (for the outsider) effects? 

holger
_______________________________________________
Messaging mailing list
Messaging@moderncrypto.org
https://moderncrypto.org/mailman/listinfo/messaging

Reply via email to