On Mon, 11 Jan 2010 13:06:03 -0500, lists.gnupg-us...@mephisto.fastmail.net
wrote:
> Forgive me, but how is a MitM attack possible against a symmetric cypher
> using a shared, secret key?
For example by swapping messages. Two messages are sent on two
out-of-band events one which says Yes and th
On Sun, 10 Jan 2010 14:02 +0100, "Werner Koch" wrote:
> On Sun, 10 Jan 2010 04:44:35 -0500, ved...@hush.com wrote:
>
> > symmetrical encryption is a simple way to avoid signing, while
> > still maintaining relative reliability of knowledge as to who sent
> > the message
>
> That is not true.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 10th 2010 in gnupg-users@gnupg.org thread "very short
plaintexts symmetrically encrypted"
>then there should be some sort of alert or advisory that the
>plaintext should be a minimum length (whatever that minimum length or
>alert/advisory sh
On Sun, 10 Jan 2010 04:44:35 -0500, ved...@hush.com wrote:
> symmetrical encryption is a simple way to avoid signing, while
> still maintaining relative reliability of knowledge as to who sent
> the message
That is not true. For example you can't detect a replay or MitM
attack.
Further even r
On Fri, 08 Jan 2010 15:03:53 -0500 Benjamin Donnachie wrote:
>2010/1/8 :
>> At any rate, it seems disturbingly easy to distinguish between
>> symmetrically encrypted messages having only the word 'yes' or
>'no'
>> just by 'looking' at the ciphertext.
>
>i. Don't send such short messages
>ii. Do
2010/1/8 :
> At any rate, it seems disturbingly easy to distinguish between
> symmetrically encrypted messages having only the word 'yes' or 'no'
> just by 'looking' at the ciphertext.
i. Don't send such short messages
ii. Don't use symmetric encryption.
Ben
