[messaging] Advertising public key in email (was: TOFU to ease PGP key discovery)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Feb 11 13:14:24 PST 2015
On Wed 2015-02-11 15:30:17 -0500, Andy Isaacson wrote:
> On Wed, Feb 11, 2015 at 05:56:44AM -0600, Tom Ritter wrote:
>> PGP has this janky MDC thing
>> http://tools.ietf.org/html/rfc4880#section-5.14 that would prevent a
>> bitflipped message from getting through, but not side channels or
>> attacks on the decryption process.
>
> I'm not certain but I think GnuPG is putting a SHA inside the RSA
> encryption of encrypted-but-not-signed messages. pgpdump on the outer
> message says:

This is indeed the "janky MDC thing" Tom is talking about.

from the spec:

   The body of this packet consists of:

     - A 20-octet SHA-1 hash of the preceding plaintext data of the
       Symmetrically Encrypted Integrity Protected Data packet,
       including prefix data, the tag octet, and length octet of the
       Modification Detection Code packet.

--dkg
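
The MDC computation quoted from the spec above, as an added example that is not part of the original message or of GnuPG's code. It works on the already-decrypted plaintext of the Symmetrically Encrypted Integrity Protected Data packet (the cipher step is omitted); the function names, the 16-octet block size and the sample packet bytes are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

MDC_HEADER = b"\xd3\x14"  # MDC tag octet 0xD3 and length octet 0x14 (20)
BLOCK_SIZE = 16           # assumption: 128-bit block cipher such as AES
MDC_LEN = len(MDC_HEADER) + hashlib.sha1().digest_size  # 22 octets

# Constructed sample: one Literal Data packet (binary, no filename, date 0).
SAMPLE_PACKETS = b"\xcb\x0b" + b"b\x00" + b"\x00\x00\x00\x00" + b"hello"


def build_seipd_plaintext(packets: bytes, prefix: Optional[bytes] = None) -> bytes:
    """Return prefix || packets || MDC packet, the data that gets encrypted."""
    if prefix is None:
        rnd = os.urandom(BLOCK_SIZE)
        prefix = rnd + rnd[-2:]  # the last two prefix octets are repeated
    body = prefix + packets
    # The hash covers the prefix, the packets, and the MDC tag and length octets.
    digest = hashlib.sha1(body + MDC_HEADER).digest()
    return body + MDC_HEADER + digest


def verify_mdc(plaintext: bytes) -> bytes:
    """Check the trailing MDC packet; return the inner packets or raise ValueError."""
    if len(plaintext) < BLOCK_SIZE + 2 + MDC_LEN:
        raise ValueError("too short to hold prefix and MDC packet")
    body = plaintext[:-MDC_LEN]
    header = plaintext[-MDC_LEN:-20]
    digest = plaintext[-20:]
    if header != MDC_HEADER:
        raise ValueError("MDC packet missing")
    expected = hashlib.sha1(body + MDC_HEADER).digest()
    if not hmac.compare_digest(expected, digest):
        raise ValueError("MDC mismatch: plaintext was modified")
    return body[BLOCK_SIZE + 2:]


def flip_bit(data: bytes, index: int) -> bytes:
    """Constructed tampering for the demo: flip the low bit of one octet."""
    return data[:index] + bytes([data[index] ^ 1]) + data[index + 1:]
```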