does this weakness actually affect GPG (also using ElGamal)?
and can someone tell me why my own signature is sometimes good and sometimes bad when i send signed mails to myself? (using mutt. got a bad signature when i just used "sign"; when i called "sign as" before and chose my own key (my public one?? strange), i got a good signature. i will try again)

yeah, and why does GPG say "gpg: this cipher algorithm is depreciated; please use a more standard one!" when i use ElGamal to encrypt? (what else can i use?)

Scott Miller (Wed, Sep 05, 2001 at 11:48:23AM -0700):
> ElGamal, the current P/K encryption in .4 has some weaknesses with
> chosen-ciphertext attacks that make breaking ElGamal easier than
> breaking the underlying discrete logarithm problem.
>
> For that reason I've written a replacement algorithm, DLES, described in
> the paper "DHAES: An Encryption Scheme Based on the Diffie-Hellman
> Problem", (1998) by Abdalla, Bellare, Rogaway.
>
> The algorithm has about the same performance as ElGamal (2 modexps for
> encrypt, 1 to decrypt), but provides much stronger security guarantees.
> In addition, the algorithm involves a keyed message authentication code,
> for which we'll be using HMAC. The mac lets Bob know if the encrypted
> quantity will actually decrypt to valid data and not gibberish. For
> this reason, we would be able to eliminate the 0x00000000 we encrypt at
> the beginning of a restart request, which would eliminate a possible
> partial known-plaintext attack.
>
> Comments?
>
> Scott
>
> _______________________________________________
> Devl mailing list
> [EMAIL PROTECTED]
> http://lists.freenetproject.org/mailman/listinfo/devl

-- 
moritz
.------------------------------+------------------------+----------------------.
| mailto:[EMAIL PROTECTED]     | http://1723.net/       | ICQ: 110110488       |
|------------------------------+------------------------+----------------------|
| GPG public key  : http://1723.net/key.asc                                    |
| GPG fingerprint : 3A28 6770 E4F5 1C14 52CF 3BCA 5059 3525 A95F FD15          |
´------------------------------------------------------------------------------´
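A sketch of the construction described in the quoted message (Diffie-Hellman key agreement, a hash to derive keys, and an HMAC that is checked before anything is decrypted), added here as an example; it is not code from this thread or from Freenet's DLES implementation. The toy 127-bit group, the SHA-256 counter-mode keystream and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy group (assumption, far too small for real use): Mersenne prime 2^127 - 1.
P = 2**127 - 1
G = 3

def _kdf(u_pub: int, shared: int):
    # DHAES-style: hash the ephemeral public value together with the DH secret.
    d = hashlib.sha512(u_pub.to_bytes(16, "big") + shared.to_bytes(16, "big")).digest()
    return d[:32], d[32:]  # (mac_key, enc_key)

def _stream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in symmetric cipher (assumption): SHA-256 in counter mode as keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def keygen():
    v = secrets.randbelow(P - 3) + 2
    return v, pow(G, v, P)

def encrypt(pub: int, msg: bytes):
    u = secrets.randbelow(P - 3) + 2
    u_pub = pow(G, u, P)       # modexp 1: ephemeral public value
    shared = pow(pub, u, P)    # modexp 2: DH secret
    mac_key, enc_key = _kdf(u_pub, shared)
    ct = _stream_xor(enc_key, msg)
    tag = hmac.new(mac_key, ct, hashlib.sha256).digest()
    return u_pub, ct, tag

def decrypt(priv: int, u_pub: int, ct: bytes, tag: bytes):
    if not 1 < u_pub < P - 1:
        return None            # reject degenerate group elements
    shared = pow(u_pub, priv, P)   # the single modexp on the receiving side
    mac_key, enc_key = _kdf(u_pub, shared)
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None            # modified ciphertext is refused, never decrypted
    return _stream_xor(enc_key, ct)
```

Because the receiver learns from the tag whether the ciphertext is intact, the plaintext needs no fixed marker such as the 0x00000000 prefix mentioned in the quoted message.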