http://www.pgp.com/library/ctocorner/openpgp.html
10 Feb 2005 Today, cryptographers Serge Mister and Robert Zuccherato from Entrust released a paper outlining an attack on the way OpenPGP does symmetric cryptography. They have been kind enough to give the OpenPGP community advance notice of their paper, and it is thus the subject of this CTO Corner article, which I'm writing in cooperation with David Shaw of Gnu Privacy Guard (GnuPG), Brian Smith of Hush Communications, Derek Atkins of the OpenPGP Working Group, and Phil Zimmermann. In it, we'll discuss: - What this discovery means to OpenPGP users - Details of the attack and how it works - What software and standards developers are doing about it We in the OpenPGP community feel strongly about the quality of our work and appreciate the trust the world places in us. OpenPGP is arguably the most used and most relied-upon cryptosystem for messages and files. Consequently, it is our obligation to describe any problems with the standard and proposed resolution of those problems. [...] -------------------------------------------------------- Unsere Anschrift und Telefonnummer haben sich geaendert! -------------------------------------------------------- Stefan Kelm Security Consultant Secorvo Security Consulting GmbH Ettlinger Straße 12-14, D-76137 Karlsruhe Tel. +49 721 255171-304, Fax +49 721 255171-100 [EMAIL PROTECTED], http://www.secorvo.de/ ------------------------------------------------------- PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]