Differences

This shows you the differences between two versions of the page.

--- pgpfan:ocfb [2022/12/27 22:45] – More truth. b.walzer
+++ pgpfan:ocfb [2022/12/27 22:56] (current) – More truth. b.walzer
@@ Line 15: / Line 15: @@
 {{ocfb.svg}}
-Now we have a fixed value of zero where the unique value used to be. So the attacker no longer has any ability to modify it. The result of encrypting a zero value produces an unpredictable value based on the key the attacker does not know. That value is combined with the unique value (that the attacker also doesn't know) and is encrypted. This encrypted value now becomes the start of the message (it is thrown away after decryption). This scheme provides the benefit of the conventional method while providing the attacker no useful information. Attempts to, say, chop off the start of the message will result in the traditional cipher feedback penalty.
+Now we have a fixed value of zero where the unique value used to be. So the attacker no longer has any ability to modify it. The result of encrypting a zero value produces an unpredictable value based on the key the attacker does not know. That value is combined with the unique value (that must be random in this case so that the attacker can't guess it) and becomes the start of the message (it is thrown away after decryption). This scheme provides the benefit of the conventional method while providing the attacker no useful information. Attempts to, say, chop off the start of the message will result in the traditional cipher feedback penalty.
 This OpenPGP cipher feedback (OCFB) scheme works very well in combination with the OpenPGP [[pgpfan:mdc|Modification Detection Code]].