Adaptive-CCA on OpenPGP Revisited
The e-mail system has become one of the most important and popular Internet services. Instead of using traditional surface mail, we have the alternative of employing an e-mail system, which provides reliable and efficient message delivery. However, in the electronic era, privacy, data integrity, and authentication requirements turn out to be especially unavoidable. Secure e-mail system specifications and software developments have been widely discussed in the past decade. Among these, OpenPGP is a widespread and well-known specification, and PGP has become a famous implementation. However, only limited security analyses of the theoretical and practical aspects of secure e-mail systems have been considered previously. In this paper, new chosen ciphertext attacks against the latest version of OpenPGP are proposed with detailed analysis. Furthermore, a new vulnerability due to system version backward compatibility is pointed out.
Keywords: Chosen ciphertext attack (CCA), E-mail, Encryption mode, Message format, OpenPGP, PGP