Randomized hashing (was: digest-algo SHA256, SHA-1 attacks)

2014-11-27 Thread Peter Lebbing
Perhaps I should add that it takes real research and formal proof to show that this randomized hashing doesn't add attack vectors, and I have been glossing over that. But that is because at a glance it looks like such research has been done. That doesn't mean it's a fact that there are no significa

Re: digest-algo SHA256, SHA-1 attacks

2014-11-27 Thread Peter Lebbing
On 27/11/14 06:55, NdK wrote: > 1) who guarantees that the 'r' seen by the receiving party is the same > generated by the signer? Since it's usually trivially combined with > source text, I feel it's a huge attack vector The purpose of the signature is to ascertain that the OpenPGP message has not

Re: digest-algo SHA256, SHA-1 attacks

2014-11-26 Thread NdK
On 26/11/2014 20:39, Peter Lebbing wrote: > On 26/11/14 20:31, NdK wrote: >> Well, IIUC with rhash you're giving the attacker another means to tamper >> with your message. Unless 'r' is chosen deterministically. > 'r' is randomly generated for each signature by the /signing/ party. So the > att

Re: digest-algo SHA256, SHA-1 attacks

2014-11-26 Thread Gabriel Niebler
Peter, I just wanted to say thank you very much for the explanation. It was very enlightening. I especially like the fact that, despite nobody asking specifically about SHA-1, you still decided to take the time to write a lengthy message explainin

Re: digest-algo SHA256, SHA-1 attacks

2014-11-26 Thread Peter Lebbing
On 26/11/14 20:31, NdK wrote: > Well, IIUC with rhash you're giving the attacker another means to tamper > with your message. Unless 'r' is chosen deterministically. 'r' is randomly generated for each signature by the /signing/ party. So the attacker loses control over the input to the hashing algo

Re: digest-algo SHA256, SHA-1 attacks

2014-11-26 Thread NdK
On 26/11/2014 20:15, Peter Lebbing wrote: > Has something like randomized hashing[2] been considered by the OpenPGP > standardization people? Well, IIUC with rhash you're giving the attacker another means to tamper with your message. Unless 'r' is chosen deterministically. But then it can be p

digest-algo SHA256, SHA-1 attacks (was: Setpref is not working or is it a bug or something?)

2014-11-26 Thread Peter Lebbing
(By the way, how did the topic - gpg.conf: settings for security and compatibility ever get confused with the topic - Setpref is not working or is it a bug or something? because this definitely is the former but is called the latter. Also, @g, as you apparently call yourself, you seem to start a ne