[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encrypt then sign insecure?

To: "Hal Finney" <hal@xxxxxxxxxx>
Subject: Re: Encrypt then sign insecure?
From: Bruce Lilly <blilly@xxxxxxxxx>
Date: Sun, 14 Aug 2005 18:32:17 -0400
Cc: ietf-openpgp@xxxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Organization: Bruce Lilly
References: <>
Reply-to: Bruce Lilly <blilly@xxxxxxxxx>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: KMail/1.8.2

On Sun August 14 2005 12:36, Hal Finney wrote:
> 
> I have changed the subject line as this is in regard to Ben's citation
> of Hugo Krawczyk's paper on the order of signing and encryption,
> http://eprint.iacr.org/2001/045, also published in Crypto 01.
> 
> This paper doesn't apply to systems like OpenPGP which compose public
> key signatures with public key encryption.  Rather, it investigates the
> composition of symmetric encryption (e.g. AES) with MAC.

The same cannot be said of Davis' analysis of issues in
http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html

Follow-Ups:
- Re: Encrypt then sign insecure?
  - From: Jon Callas

References:
- Encrypt then sign insecure?
  - From: "Hal Finney"

Prev by Date: Re: Applicability of signed messages as proof of sending
Next by Date: Re: "The OpenPGP mail and news header" extenssion
Previous by thread: Encrypt then sign insecure?
Next by thread: Re: Encrypt then sign insecure?
Index(es):
- Date
- Thread