On 6/27/2014 3:14 AM, Werner Koch wrote: > Assuming the sender uses a decent implementation, the attacker must have > been able to modify the senders system by changing the code or the > config files.
Nope. It took me about fifteen seconds to come up with a way to do this with acceptable (if not-100%) probability of success and acceptable (but extremely low) probability of intercept. Tomorrow I'll post my method to the list. If I can come up with a method to degrade things to 3DES in fifteen seconds, then I believe the people who do this stuff professionally have spent at least a few weeks inventing and perfecting other methods. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users