On Friday, February 19, 2016 at 10:26:36 AM UTC-6, Tony Arcieri wrote:
> failure to authenticate the ciphertext leads to a class of ciphertext
> malleability attacks we keep describing

Please describe one such attack, that applies to data at rest, where the attacker is not able to have the system decrypt arbitrary data, as is the case here.

If I understand properly, the malleable data attacks you've described so far depend on the system trying to decrypt subtly modified ciphertexts using the real key for a wide range of ciphertexts. I'm guessing you won't be able to convince the user to enter a password to decrypt thousands or millions of variations on their file in Vim. And if you can, you're probably running a process on the user's system, in which case you should just capture their password, or install a plugin to dump any previously encrypted file to plaintext, and be done with it.

If there is a weakness here that will theoretically allow someone to scrape a Vim-encrypted file off a discarded USB stick, and somehow read it, then I will certainly call it broken and will advocate for adding authentication. As it stands, in Vim's particular case, it seems like a "nice to have" feature, not "required for confidentiality".
