[Cryptography] [openpgp] OpenPGP SEIP downgrade attack

Watson Ladd watsonbladd at gmail.com
Thu Oct 8 12:23:52 EDT 2015 

On Oct 8, 2015 12:21 PM, "Werner Koch" <wk at gnupg.org> wrote:
>
> On Thu,  8 Oct 2015 16:59, pgut001 at cs.auckland.ac.nz said:
>
> > (It's also not clear whether someone encrypting a 10k email message
with PGP
> > is going to notice it being processed at 100MB/s or 150MB/s).
>
> I heard of backups somewhat larger than that.  For mail it is anyway not a
> problem - you sign and encrypt and you are done.  Not even a need for an
> MDC.

Does this provide the right agreement semantics for both sender and
recipient? It certainly doesn't solve the security issues with CFB mode.

>
> > (I actually really like OCB and don't like GCM much, but the patent
situation
> > makes it pretty problematic).
>
> Well, for the majority of uses cases there is a gratis license grant
> from Phil Rogaway for his patents.
> Further daft-zauner-tls-aes-ocb-03.txt states:
>
>    6.  Intellectual Propery Rights Issues
>
>    Historically OCB Mode has seen difficulty with deployment and
>    standardization because of pending patents and intellectual rights
>    claims on OCB itself.  In preparation of this document all interested
>    parties have declared they will issue IPR statements exempting use of
>    OCB Mode in TLS from these claims.  Specifically - OCB Mode as
>    described in this document for use in TLS - is based, and strongly
>    influenced, by earlier work from Charanjit Jutla on [IAPM].
>
> At IETF-93 this case was mentioned and it was suggested to ask for a
> similar licenses exception [1,2] if we consider to use OCB for OpenPGP.
>
>
> Salam-Shalom,
>
>    Werner
>
>
> [1] https://datatracker.ietf.org/ipr/2647/
> [1] https://datatracker.ietf.org/ipr/2640/
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
> _______________________________________________
> openpgp mailing list
> openpgp at ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151008/386078da/attachment.html>

More information about the cryptography mailing list