On 20.11.2013 06:43, Glenn Washburn wrote: > Modifying the cipher text just > manifests as random data corruption of the plain text device, again not > a security issue and nothing that signatures would prevent. It's a security threat. Imagine you have somewhere a routine which verifies SSH-key when connecting by network. Replace it with random data. With some significant probability this decodes to valid opcodes but which do no check. Now everyone can use your SSH. encryption provides secrecy. Signatures provide verification. Using one to achieve the other will always fail.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
