On Fri, 31 Jan 2014 08:39, micha...@gmx.de said: > you are a legitimate sender. I don't know how gpg does it, in academic > signature I use an hmac to protect solely symmetrically enciphered
OpenPGP defines a MDC feature to detect tampering with the encrypted message. It works by appending the SHA-1 digest to the plaintext and include it in the encryption process. On decryption the decrypted plaintext is hashed again and the digest compared to the just decrypted digest. This deliberately works without a key (as in a MAC) to provide deniability for a encrypted-only message. The MDC feature is in use for about 14 years. RFC-4880 has alo the details. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
