[Cryptography] Attacks on PGP (and allegedly S/MIME)
Phillip Hallam-Baker
phill at hallambaker.com
Mon May 14 11:14:58 EDT 2018
There is a new attack going round. Whether it is significant or not is
debatable since it rather depends on the plaintext of the ciphertext being
attacked being a URL fragment. But still...
https://efail.de/
Rather more interesting is the gadget attack. I think this is further
support for my approach of using a key derivation function to obtain the
encryption, authentication keys and IV from the session key.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180514/2f976478/attachment.html>
More information about the cryptography
mailing list