(Fwd) OpenPGP flaw prompts quick fix
Stefan Kelm
stefan.kelm at secorvo.de
Fri Feb 11 05:22:05 EST 2005
http://www.pgp.com/library/ctocorner/openpgp.html
10 Feb 2005
Today, cryptographers Serge Mister and Robert Zuccherato from Entrust
released a paper outlining an attack on the way OpenPGP does symmetric
cryptography. They have been kind enough to give the OpenPGP community
advance notice of their paper, and it is thus the subject of this CTO
Corner article, which I'm writing in cooperation with David Shaw of Gnu
Privacy Guard (GnuPG), Brian Smith of Hush Communications, Derek Atkins
of the OpenPGP Working Group, and Phil Zimmermann. In it, we'll discuss:
- What this discovery means to OpenPGP users
- Details of the attack and how it works
- What software and standards developers are doing about it
We in the OpenPGP community feel strongly about the quality of our work
and appreciate the trust the world places in us. OpenPGP is arguably the
most used and most relied-upon cryptosystem for messages and files.
Consequently, it is our obligation to describe any problems with the
standard and proposed resolution of those problems.
[...]
--------------------------------------------------------
Unsere Anschrift und Telefonnummer haben sich geaendert!
--------------------------------------------------------
Stefan Kelm
Security Consultant
Secorvo Security Consulting GmbH
Ettlinger Straße 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
stefan.kelm at secorvo.de, http://www.secorvo.de/
-------------------------------------------------------
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list