[Cryptography] Does PGP use sign-then-encrypt or encrypt-then-sign?

Alexandre Anzala-Yamajako anzalaya at gmail.com
Wed Jan 22 18:05:31 EST 2014


> I think signing ciphertexts is generally a best practice, and
> certainly not a "mortal sin".

In the public key world, signing ciphertexts not only reveals the identity
of the sender but also allows relay attacks where a guy intercepts a signed
message, strips it of its signature and replaces it with his own.
Depending on the protocol it can be a problem.
I think the encrypt-sign-encrypt solution solves both of those problems.
-- 
Alexandre Anzala-Yamajako
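
An added illustration, not part of the original post: a receiver-side check that notices when the signature over a ciphertext has been replaced by someone else's. It assumes toy textbook RSA built from known Mersenne primes (no padding, illustration only), constructed parties `alice`, `mallory` and `bob`, and it uses the simpler repair of naming the sender inside the plaintext rather than the encrypt-sign-encrypt construction the post mentions.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def keypair(p, q):
    # Toy textbook RSA from known Mersenne primes: no padding, illustration only.
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def i2b(x):
    return x.to_bytes((x.bit_length() + 7) // 8, "big")

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(key, data):
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(key, data, sig):  # uses only the public modulus n
    return pow(sig, E, key["n"]) == digest(data, key["n"])

def encrypt(key, plaintext):
    return pow(int.from_bytes(plaintext, "big"), E, key["n"])

def decrypt(key, ct):
    return i2b(pow(ct, key["d"], key["n"]))

KEYS = {  # constructed parties and keys
    "alice": keypair(2**127 - 1, 2**89 - 1),
    "mallory": keypair(2**107 - 1, 2**61 - 1),
    "bob": keypair(2**607 - 1, 2**521 - 1),
}

def seal(sender, body):
    # Encrypt-then-sign, with the sender's name placed inside the plaintext.
    ct = encrypt(KEYS["bob"], b"from=" + sender.encode() + b";" + body)
    return {"signer": sender, "ct": ct, "sig": sign(KEYS[sender], i2b(ct))}

def resign(env, new_signer):
    # What the relay in the post does: same ciphertext, signature swapped.
    return {"signer": new_signer, "ct": env["ct"],
            "sig": sign(KEYS[new_signer], i2b(env["ct"]))}

def receive(env):
    # Returns (outer signature valid, outer signer matches inner sender).
    sig_ok = verify(KEYS[env["signer"]], i2b(env["ct"]), env["sig"])
    inner = decrypt(KEYS["bob"], env["ct"]).split(b";")[0]
    return sig_ok, inner == b"from=" + env["signer"].encode()
```

A re-signed envelope still carries a valid outer signature, so only the comparison against the sender named inside the plaintext tells the recipient that the signer is not the author.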