List: kde-core-devel
Subject: Re: Fwd: KWallet weaknesses
From: Dirk Mueller <mueller () kde ! org>
Date: 2003-12-09 0:09:19
On Monday 08 December 2003 23:10, Werner Koch wrote:
> Either PKCS#5 or the S2K code from OpenPGP. Here is an implementation
> under the GPL from gnupg-1.9/agent/protect.c derived from gnupg:
This doesn't seem to be self-contained.
> > b) You said that the version numbers will allow replay attacks. Though I don't
> I talked about a rollback attack, that is at one time you change the
> algorithm because a weakness was found in Blowfish and under certain
> conditions an attacker might be able to trick you to use Blowfish
> again even though you are using the modern-ultra-resistant-algorithm.
In such a case we would support the old protocol for importing. As long as we
don't write the old Blowfish then I cannot see how one can possibly perform
such a rollback attack.
> There
> is no immediate need but you should think about it when you allow for
> different algorithms. BTW, even Schneier is not anymore certain of
> his Blowfish; all other modern algorithms have meanwhile been better
> analyzed than Blowfish.
Which one would you recommend?
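
Added example, not part of the original message or of KWallet's code: a sketch of the rollback concern discussed above, using a hypothetical container whose algorithm identifier is covered by a MAC and a reader that accepts the legacy algorithm only on explicit import. The layout, `seal`, `open_wallet` and the algorithm ids are assumptions; the cipher itself is omitted (the payload stands in for ciphertext) and PBKDF2 stands in for the PKCS#5 derivation mentioned in the thread.

```python
import hashlib, hmac, os, struct

# Hypothetical container layout (an assumption, not KWallet's real format):
# magic(4) | alg_id(1) | iterations(4) | salt(16) | payload | tag(32)
MAGIC = b"WLT0"
ALG_LEGACY, ALG_CURRENT = 1, 2      # constructed ids: old cipher, its replacement
HDR = struct.Struct(">4sBI16s")
MAX_ITERATIONS = 1_000_000          # bound the work a hostile header can demand

class WalletError(Exception):
    pass

def _mac_key(password: bytes, salt: bytes, iterations: int) -> bytes:
    # PKCS#5 v2 derivation (PBKDF2-HMAC-SHA256) of the key from the passphrase
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=32)

def seal(payload: bytes, password: bytes, alg_id: int = ALG_CURRENT,
         iterations: int = 10_000) -> bytes:
    salt = os.urandom(16)
    header = HDR.pack(MAGIC, alg_id, iterations, salt)
    # The tag covers the header, so alg_id cannot be edited without the passphrase
    key = _mac_key(password, salt, iterations)
    return header + payload + hmac.new(key, header + payload, hashlib.sha256).digest()

def open_wallet(blob: bytes, password: bytes, allow_legacy_import: bool = False) -> bytes:
    if len(blob) < HDR.size + 32:
        raise WalletError("truncated")
    magic, alg_id, iterations, salt = HDR.unpack_from(blob)
    if magic != MAGIC or iterations > MAX_ITERATIONS:
        raise WalletError("bad header")
    # Policy before crypto: a replayed old file carries a valid tag under the
    # same passphrase, so only this check stops it from being used silently.
    if alg_id not in (ALG_LEGACY, ALG_CURRENT):
        raise WalletError("unknown algorithm")
    if alg_id < ALG_CURRENT and not allow_legacy_import:
        raise WalletError("legacy algorithm refused")
    # Integrity: catches an alg_id byte flipped in an otherwise current file
    expected = hmac.new(_mac_key(password, salt, iterations), blob[:-32], hashlib.sha256).digest()
    if not hmac.compare_digest(blob[-32:], expected):
        raise WalletError("authentication failed")
    return blob[HDR.size:-32]
```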