MDC and GnuPG as a filter
Florian Weimer
Weimer at CERT.Uni-Stuttgart.DE
Mon Aug 12 16:58:01 CEST 2002
It looks as if an application should start processing the decrypted
data only after the MDC packet has been verified. (Have a look at
this paper: http://www.counterpane.com/pgp-attack.html -- most of you
probably know it already.)
Unfortunately, this breaks one-pass processing for OpenPGP data. The
whole plaintext has to be stored, and in general, processing can only
begin after all data has been received. :-(
Or am I missing something?
--
Florian Weimer Weimer at CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT fax +49-711-685-5898
More information about the Gnupg-devel
mailing list