Adaptive-CCA on OpenPGP Revisited
نویسندگان
چکیده
E-mail system has become one of the most important and popular Internet services. Instead of using traditional surface mail, we have the alternative of employing e-mail system which provides a reliable and efficient message delivery. However, in the electronic era, privacy, data integrity, and authentication requirements turn out to be especially unavoidable. Secure e-mail system specifications and software developments have been widely discussed in the past decade. Among which OpenPGP is a widespread and well known specification, and PGP becomes a famous implementation. But only limited security analyses on both theoretical and practical aspects about secure e-mail system has been considered previously. In this paper, new chosen ciphertext attacks against the latest version of OpenPGP are proposed with detailed analysis. Furthermore, a new vulnerability due to system version backward compatibility will be pointed out.
منابع مشابه
An Attack on CFB Mode Encryption as Used by OpenPGP
This paper describes an adaptive-chosen-ciphertext attack on the Cipher Feedback (CFB) mode of encryption as used in OpenPGP. In most circumstances it will allow an attacker to determine 16 bits of any block of plaintext with about 2 oracle queries for the initial setup work and 2 oracle queries for each block. Standard CFB mode encryption does not appear to be affected by this attack. It appli...
متن کاملOpenPGP-Karten mit biometrischer Benutzerauthentisierung
Zusammenfassung: OpenPGP-Karten sind Smartcards, die private OpenPGP-Schlüssel sicher speichern und Entschlüsselungsund Signierfunktionen bereitstellen. Der Benutzer einer OpenPGP-Karte muss sich gegenüber der Karte authentisieren. Dieser Beitrag beschreibt die prototypische Implementierung von OpenPGP-Karten mit biometrischem On-Card-Matching. Außerdem wird die Integration der Komponenten zur ...
متن کاملRethinking OpenPGP PKI and OpenPGP Public Keyserver
OpenPGP, an IETF Proposed Standard based on PGP R © application, has its own Public Key Infrastructure (PKI) architecture which is different from the one based on X.509, another standard from ITU. This paper describes the OpenPGP PKI; the historical perspective as well as its current use. We also compare three PKI technologies standardized by IETF: OpenPGP, PKIX(X.509), and SPKI/SDSI. Since the...
متن کاملChosen Ciphertext Secure Encryption under Factoring Assumption Revisited
In Eurocrypt 2009, Hofheinz and Kiltz proposed a practical chosen ciphertext (CCA) secure public key encryption under factoring assumption based on Rabin trapdoor one-way permutation. We show that when the modulus is special such that Z∗ N has semismooth order, the instantiation of Hofheinz-Kiltz 09 scheme (HK09) over a much smaller subgroup of quadratic residue group (Semi-smooth Subgroup) is ...
متن کاملCausal commutative arrows revisited Causal commutative arrows revisited
Causal commutative arrows (CCA) extend arrows with additional constructs and laws that make them suitable for modelling domains such as functional reactive programming, differential equations and synchronous dataflow. Earlier work has revealed that a syntactic transformation of CCA computations into normal form can result in significant performance improvements, sometimes increasing the speed o...
متن کامل