Deniability
Jerome Baum
jerome at jeromebaum.com
Tue Mar 22 20:17:35 CET 2011
David Shaw <dshaw at jabberwocky.com> writes:
> Hmm. I'm not sure you and I are on the same page with this attack. I
> don't think that Alice's rigged message to Baker necessarily needs to
> be forged to come from the original sender. Alice can send the
> message to Baker as herself, with no special signing or other trickery
> to fool Baker about the origin of the message. She can even sign it
> (as herself) if she wants. The contents of the message just need to
> be something Baker would naturally reply to.
Yeah I got a bit carried off there. So any way to counter that, besides
keeping a list of (hash(cryptd-text), hash(session-key | random-parts))
to warn you if one is reused? Obviously that is a pretty dumb way, so is
there any way at all to counter a session-key-reuse attack?
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 880 bytes
Desc: not available
URL: </pipermail/attachments/20110322/02ac07fa/attachment.pgp>
More information about the Gnupg-users
mailing list