pgpfan:mdc
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
pgpfan:mdc [2022/05/28 20:14] – Typo b.walzer | pgpfan:mdc [2022/07/18 22:56] – Link to new editorial b.walzer | ||
---|---|---|---|
Line 56: | Line 56: | ||
The MDC uses the SHA1 method for the hash. Not everyone knows that the discovered weakness in SHA1 is irrelevant to the MDC. I suppose you could redefine it as the "MDC hash" and specify that it only needs to be irreversible to prevent unnecessary angst. In general, the MDC is likely to be resistant to weaknesses in the hash due to the fact that the stored hash is encrypted and randomized by the random data which makes it very hard to mess with. | The MDC uses the SHA1 method for the hash. Not everyone knows that the discovered weakness in SHA1 is irrelevant to the MDC. I suppose you could redefine it as the "MDC hash" and specify that it only needs to be irreversible to prevent unnecessary angst. In general, the MDC is likely to be resistant to weaknesses in the hash due to the fact that the stored hash is encrypted and randomized by the random data which makes it very hard to mess with. | ||
- | The MDC is secure and is well suited to the sort of offline encryption that the OpenPGP standard embodies. Proposals to add one or more encrypted authenticated modes and depreciate the MDC don't make sense to me. We would be better off if we simply did nothing. | + | The MDC is secure and is well suited to the sort of offline encryption that the OpenPGP standard embodies. |
=====A Less Intuitive, More Technical Explanation===== | =====A Less Intuitive, More Technical Explanation===== | ||
- | OCFB-MDC is a case of hash then encrypt. The cipher block mode used is the modified version of cipher feedback used by OpenPGP (OCFB). The modification is | + | OCFB-MDC is a case of hash then encrypt. The cipher block mode is the modified version of cipher feedback used by OpenPGP (OCFB). The modification is |
the addition of a prefix block consisting of random data. The traditional CFB initialization vector (IV) is replaced by the encryption of a block of zeros. | the addition of a prefix block consisting of random data. The traditional CFB initialization vector (IV) is replaced by the encryption of a block of zeros. | ||
This serves to prevent an attacker from being able to get access to either the IV or the plaintext value of the random data prefix block. | This serves to prevent an attacker from being able to get access to either the IV or the plaintext value of the random data prefix block. |
pgpfan/mdc.txt · Last modified: 2023/12/11 13:30 by b.walzer