|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Shaw wrote:
> In short the attack works like this: Alice sends an encrypted
> message to Charlie. Baker intercepts it, but cannot read it.
> Baker mangles the message in a special way and sends it to Charlie.
> Charlie decrypts it (thinking it is from Baker) and discovers a
> whole lot of gibberish. Charlie replies (quoting the gibberish) to
> Baker, saying "what is this?".
>
> Baker can then use the gibberish to decrypt the original message
> from Alice to Charlie.
Does this compromise the users encryption key or just the session key
for that message?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-nr2 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/XkPL6QPtAqft/S8RAsbWAKDJuP+scPvqGW44+hj9LEji7ZvL7QCgs4UQ
I2Eiav4KE2AnspGb6gh8bUA=
=TDQO
-----END PGP SIGNATURE-----
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|