vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-23 08:02:05 +01:00
Code Issues Projects Releases Packages Wiki Activity

simplify AEAD language, correct punctuation of footnote

Browse source
This commit is contained in:
Tammi L. Coles 2023-10-12 17:39:16 +02:00 committed by Heiko Schaefer
parent 4d0fbb3f43
commit 61f8a76bd6
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
book/source/03-cryptography.md
View file

@ -59,15 +59,15 @@ Where symmetric keys are used in OpenPGP for data encryption, they are called ei
### Authenticated encryption with associated data (AEAD)
[Authenticated encryption](https://en.wikipedia.org/wiki/Authenticated_encryption) is a class of cryptographic schemes that gives additional guarantees besides confidentiality.
[Authenticated encryption](https://en.wikipedia.org/wiki/Authenticated_encryption) offers more than just confidentiality; it ensures data integrity too.
In OpenPGP version 6, AEAD was introduced as a successor to the MDC[^MDC] mechanism. AEAD is a common mechanism to solve the problem of "malleability": In past versions of the OpenPGP protocol, some malicious changes to ciphertext were undetectable. AEAD protects against undetected changes of ciphertext.
In OpenPGP version 6, AEAD replaced the MDC[^MDC] mechanism to address malleability. In earlier OpenPGP versions, malicious alterations to ciphertext might go unnoticed. AEAD guards against such undetected changes.
[^MDC]: In OpenPGP version 4, a mechanism called MDC (Modification Detection Code) was introduced to serve a comparable purpose as AEAD. While MDC is a non-standard mechanism, as of this writing, there are no known attacks against the scheme.
Protecting against malleability counters a variation of the EFAIL[^efail] attack.
By addressing the malleability problem, AEAD also counters a variation of the EFAIL[^efail] attack.
[^efail]: A variation of the [EFAIL](https://en.wikipedia.org/wiki/EFAIL) attack can be prevented by both the MDC and AEAD mechanisms. Also see ["No, PGP is not broken, not even with the Efail vulnerabilities"](https://proton.me/blog/pgp-vulnerability-efail), especially the section "Malleability Gadget Exfiltration Channel Attack".
[^efail]: A variation of the [EFAIL](https://en.wikipedia.org/wiki/EFAIL) attack can be prevented by both the MDC and AEAD mechanisms. Also see ["No, PGP is not broken, not even with the Efail vulnerabilities,"](https://proton.me/blog/pgp-vulnerability-efail) especially the section "Malleability Gadget Exfiltration Channel Attack."
## Public-key, or asymmetric cryptography