On Mon, 11 Jan 2010 13:06:03 -0500, lists.gnupg-us...@mephisto.fastmail.net
wrote:
> Forgive me, but how is a MitM attack possible against a symmetric cypher
> using a shared, secret key?
For example by swapping messages. Two messages are sent on two
out-of-band events one which says Yes and th
On Sun, 10 Jan 2010 14:02 +0100, "Werner Koch" wrote:
> On Sun, 10 Jan 2010 04:44:35 -0500, ved...@hush.com wrote:
>
> > symmetrical encryption is a simple way to avoid signing, while
> > still maintaining relative reliability of knowledge as to who sent
> > the message
>
> That is not true.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 10th 2010 in gnupg-users@gnupg.org thread "very short
plaintexts symmetrically encrypted"
>then there should be some sort of alert or advisory that the
>plaintext should be a minimum length (whatever that minimum length or
On Sun, 10 Jan 2010 04:44:35 -0500, ved...@hush.com wrote:
> symmetrical encryption is a simple way to avoid signing, while
> still maintaining relative reliability of knowledge as to who sent
> the message
That is not true. For example you can't detect a replay or MitM
attack.
Further even r
On Fri, 08 Jan 2010 15:03:53 -0500 Benjamin Donnachie wrote:
>2010/1/8 :
>> At any rate, it seems disturbingly easy to distinguish between
>> symmetrically encrypted messages having only the word 'yes' or
>'no'
>> just by 'looking' at the ciphertext.
>
>i. Don't send such short messages
>ii. Do
2010/1/8 :
> At any rate, it seems disturbingly easy to distinguish between
> symmetrically encrypted messages having only the word 'yes' or 'no'
> just by 'looking' at the ciphertext.
i. Don't send such short messages
ii. Don't use symmetric encryption.
Ben
have been playing around with symmetrical encryption, and noticed
something potentially concerning.
Here are 6 symmetrically encrypted short plaintexts:
-BEGIN PGP MESSAGE-
Version: GnuPG v1.4.9 (MingW32)
Comment: passphrase sss
jA0ECgMIml0qMoARY01g0kUBK8nPnLhmkn4QbxiOvxyn9eqhkzr5mNIw