decryption outputs to stdout before verification
Bruce Walzer
bwalzer at 59.ca
Sun Oct 26 18:48:56 CET 2025
On Sat, Oct 25, 2025 at 06:52:24PM -0500, Tennyson T Bardwell via Gnupg-users wrote:
[...]
> I think that I misunderstood the gaps between integrity, authentication,
> and signing (tamper-detection vs knowledge of some key vs
> non-repudiation).
I think that this is a lot simpler than you are assuming. You get authentication and integrity from signing the message/file. You just get integrity from things like OCFB-MDC (SEIP). The stuff about authenticated encryption is just a figure of speech in this case. Does my article help?
https://articles.59.ca/doku.php?id=pgpfan:pgpauth
Bruce
More information about the Gnupg-users
mailing list