Re: Phil Zimmermann's suggestion for large ciphers
uri <uri@xxxxxxxxxxxxxx> writes:
> Make the "pseudo-IV" prefix partially non-random - i.e. the last two
> bytes being checksum for the other 14. No big deal security-wise and
> noticeable help in detecting the right key.
I agree, as this will help detecting bad keys for conventional-only
encrypted data.
> So? Compared to cost of one RSA or DSA operation, one SHA-1 is negligible.
> Who cares?
Hashing 700 Megs takes a while and sometimes conventional-only
encryption is used. But IMHO it is worth this time. If someone
does not like it, he can still use packet type 9 and the specs
should say that an implementation SHOULD display a notice if a
cipher >= 7 is used without an MDC.
--
Werner Koch at guug.de www.gnupg.org keyid 621CC013
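As an added example, not code from this thread or from GnuPG: a Go sketch of the quoted suggestion, a 16-byte pseudo-IV whose last two bytes check the other 14, so a wrong passphrase is rejected after decrypting a single block instead of hashing the whole message. The checksum (a byte sum), the AES-CFB-with-zero-IV framing and the key and message values are assumptions, since the thread fixes none of them.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)
const prefixLen = 16 // one AES block: 14 random bytes + 2 check bytes
// checksum14 is an assumed 16-bit byte sum; the thread says only "checksum".
func checksum14(b []byte) (s uint16) {
	for _, x := range b {
		s += uint16(x)
	}
	return s
}
// seal prepends the checksummed pseudo-IV and AES-CFB encrypts prefix || plaintext under a zero IV (the random prefix plays the IV role).
func seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	prefix := make([]byte, prefixLen)
	if _, err := rand.Read(prefix[:14]); err != nil {
		return nil, err
	}
	binary.BigEndian.PutUint16(prefix[14:], checksum14(prefix[:14]))
	out := append(prefix, plaintext...)
	cipher.NewCFBEncrypter(block, make([]byte, aes.BlockSize)).XORKeyStream(out, out)
	return out, nil
}
// quickCheck decrypts only the first block and compares the check bytes: the right key
// always passes, a wrong one passes with probability about 2^-16, before any hashing.
func quickCheck(key, ct []byte) (bool, error) {
	if len(ct) < prefixLen {
		return false, fmt.Errorf("ciphertext shorter than %d-byte prefix", prefixLen)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return false, err
	}
	pre := make([]byte, prefixLen)
	cipher.NewCFBDecrypter(block, make([]byte, aes.BlockSize)).XORKeyStream(pre, ct[:prefixLen])
	return binary.BigEndian.Uint16(pre[14:]) == checksum14(pre[:14]), nil
}
func main() {
	ct, _ := seal([]byte("0123456789abcdef"), []byte("hello")) // constructed key and message
	ok, _ := quickCheck([]byte("fedcba9876543210"), ct)       // wrong key
	fmt.Println("wrong key passes quick check:", ok)
}
```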