On Mon, 11 Jan 2010 13:06:03 -0500, lists.gnupg-us...@mephisto.fastmail.net
wrote:
Forgive me, but how is a MitM attack possible against a symmetric cypher
using a shared, secret key?
For example by swapping messages. Two messages are sent on two
out-of-band events one which says Yes and the
On Sun, 10 Jan 2010 14:02 +0100, Werner Koch w...@gnupg.org wrote:
On Sun, 10 Jan 2010 04:44:35 -0500, ved...@hush.com wrote:
symmetrical encryption is a simple way to avoid signing, while
still maintaining relative reliability of knowledge as to who sent
the message
That is not
On Fri, 08 Jan 2010 15:03:53 -0500 Benjamin Donnachie benja...@py-
soft.co.uk wrote:
2010/1/8 ved...@hush.com:
At any rate, it seems disturbingly easy to distinguish between
symmetrically encrypted messages having only the word 'yes' or
'no'
just by 'looking' at the ciphertext.
i. Don't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 10th 2010 in gnupg-users@gnupg.org thread very short
plaintexts symmetrically encrypted
then there should be some sort of alert or advisory that the
plaintext should be a minimum length (whatever that minimum length or
alert/advisory should
have been playing around with symmetrical encryption, and noticed
something potentially concerning.
Here are 6 symmetrically encrypted short plaintexts:
-BEGIN PGP MESSAGE-
Version: GnuPG v1.4.9 (MingW32)
Comment: passphrase sss
2010/1/8 ved...@hush.com:
At any rate, it seems disturbingly easy to distinguish between
symmetrically encrypted messages having only the word 'yes' or 'no'
just by 'looking' at the ciphertext.
i. Don't send such short messages
ii. Don't use symmetric encryption.
Ben