Thread: OpenPGP - MDC Packet - SHA1

  1. #1
    Join Date
    Jul 2008
    Location
    UK
    Beans
    42
    Distro
    Ubuntu 8.10 Intrepid Ibex

    OpenPGP - MDC Packet - SHA1

    OpenPGP Standard RFC 4880, not really a Linux question, but as may be using GnuPG on Linux I thought I would ask here.

    The Modification Detection Code Packet is defined to use SHA-1, even though it does state in section 13.11 that this can be altered, and gives example methods. However, this would cause interoperability issues, (q1) so I assume there is no standard method of doing this?

    (q2) How much of a threat do you believe this to be? Even though the SHA-1 hash is encrypted within the symmetrically encrypted integrity protected data packet.


    Cheers

    Thomas

  2. #2
    Join Date
    Jan 2008
    Beans
    438

    Re: OpenPGP - MDC Packet - SHA1

    Are you asking if the modification detection code packet is a threat? I think you are completely misunderstanding it. The MDC just makes sure that the message hasn't been tampered with.

  3. #3

    Re: OpenPGP - MDC Packet - SHA1

    Quote: Originally Posted by Agent ME
    Are you asking if the modification detection code packet is a threat? I think you are completely misunderstanding it. The MDC just makes sure that the message hasn't been tampered with.

    If the message has been altered would this not be a threat? Slightly Confused...
    Last edited by tomehb; March 30th, 2010 at 01:22 AM. Reason: Add Detail

  4. #4

    Re: OpenPGP - MDC Packet - SHA1

    Are you asking whether it's a threat when the MDC is altered and incorrect, or whether there's a threat changing the MDC to use a different hashing system?

    In the first case, if you get an error that a message's MDC is incorrect, the message was either corrupted or tampered with. You probably shouldn't trust it.

    In the second case, I think you can change what hashing system is used to make the MDC, but people using older software might have trouble decrypting your messages. On Linux mailing lists, etc., this probably isn't very likely as most are using a recent version of GPG, but in some corporate contexts where older versions of PGP may be in use, others may run into some trouble.

  5. #5

    Re: OpenPGP - MDC Packet - SHA1

    Quote: Originally Posted by Agent ME
    Are you asking whether it's a threat when the MDC is altered and incorrect, or whether there's a threat changing the MDC to use a different hashing system?

    In the first case, if you get an error that a message's MDC is incorrect, the message was either corrupted or tampered with. You probably shouldn't trust it.

    In the second case, I think you can change what hashing system is used to make the MDC, but people using older software might have trouble decrypting your messages. On Linux mailing lists, etc., this probably isn't very likely as most are using a recent version of GPG, but in some corporate contexts where older versions of PGP may be in use, others may run into some trouble.

    The latter and also found some info on it....


    http://www.aigarius.com/blog/2009/05...-1-in-openpgp/
    "Brian: SHA-1’s collision-resistance has been compromised, but it is not clear that its one-wayness has been compromised. As Daniel A. Nagy points out, for fingerprints and MDC, collision resistance is unimportant, and only one-wayness matters."
    Cheers
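
For reference, the MDC construction discussed in this thread, as an added example that is not part of any post: in RFC 4880 the SHA-1 is unkeyed and covers the random prefix, the inner packets and the MDC packet's own two header octets (0xD3, 0x14), and the result is appended before encryption. The sketch works on the decrypted plaintext only; the CFB cipher step is omitted, a 16-byte block size is assumed, and the function names and sample data are constructed for illustration.

```python
import hashlib
import hmac
import os

MDC_HEADER = b"\xd3\x14"  # MDC packet: tag 19 (new format), body length 20
MDC_LEN = len(MDC_HEADER) + hashlib.sha1().digest_size  # 22 octets
BLOCK = 16                # assumed cipher block size (e.g. AES)


def build_protected_plaintext(packets: bytes, rand: bytes = b"") -> bytes:
    """Return prefix || packets || MDC packet, i.e. the data that is then encrypted."""
    rand = rand or os.urandom(BLOCK)
    prefix = rand + rand[-2:]  # BLOCK random octets, last two repeated
    digest = hashlib.sha1(prefix + packets + MDC_HEADER).digest()
    return prefix + packets + MDC_HEADER + digest


def verify_mdc(decrypted: bytes) -> bytes:
    """Check the trailing MDC packet and return the inner packets, or raise ValueError."""
    if len(decrypted) < BLOCK + 2 + MDC_LEN:
        raise ValueError("too short to hold prefix and MDC packet")
    body, trailer = decrypted[:-MDC_LEN], decrypted[-MDC_LEN:]
    if trailer[:2] != MDC_HEADER:
        # A stripped or truncated MDC must be an error, never "no MDC, accept anyway".
        raise ValueError("MDC packet missing")
    expected = hashlib.sha1(body + MDC_HEADER).digest()
    if not hmac.compare_digest(expected, trailer[2:]):
        raise ValueError("MDC mismatch: data corrupted or tampered with")
    return body[BLOCK + 2:]


def rejects(data: bytes) -> bool:
    """True if verify_mdc refuses the given decrypted data."""
    try:
        verify_mdc(data)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    sample = b"constructed literal data packet"  # constructed sample input
    good = build_protected_plaintext(sample)
    flipped = good[:20] + bytes([good[20] ^ 0x01]) + good[21:]
    print("intact accepted :", verify_mdc(good) == sample)
    print("bit flip caught :", rejects(flipped))
    print("truncation caught:", rejects(good[:-5]))
```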
