PGP hole

Michael Handler grendel at netaxs.com
Fri Sep 30 02:44:19 PDT 1994


On Fri, 30 Sep 1994, Alan Barrett wrote:

> > The bug seems to be present in all versions (even the ViaCrypt versions
> > have this problem). It has been reported as a bug to the MIT pgp-keepers.
> 
> The "bug" looks like a deliberate design decision to me.  Everything from
> the "--- BEGIN PGP" line to the first blank line is ignored, and is not
> considered part of the signed message.  There's a comment in the source
> code (file armor.c in the versions I checked), saying "Skip header after
> BEGIN line". 

	Yes, this was a deliberate design decision, most probably so the 
same code could be used to parse --- BEGIN PGP ENCRYPTED MESSAGE --- and 
--- BEGIN PGP SIGNATURE ---. However, this is a _huge_ security hole, as 
it allows the nearly-undetectable modification of PGP-signed messages.

Mike
--
Michael Handler                                         <grendel at netaxs.com>
PGP public key available                         1984: We're Behind Schedule
                 Civil Liberty Through Complex Mathematics
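
Added example, not part of the message above or of the PGP source: a Python check that reports any line placed between the BEGIN PGP SIGNED MESSAGE line and the first blank line, the region the thread describes as skipped and not part of the signed message. The function name, the sample messages and the choice to accept only a "Hash:" header in that position are assumptions of this example.

```python
import re

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
# Assumption: "Hash:" is the only header accepted in this position (the rule
# later standardised in RFC 4880 section 7); anything else is reported.
ALLOWED_HEADER = re.compile(r"^Hash: [A-Za-z0-9-]+(, ?[A-Za-z0-9-]+)*$")


def unsigned_header_lines(text):
    """Return (line_number, line) for every line that sits between a
    BEGIN PGP SIGNED MESSAGE line and the first blank line and is not a
    Hash header. Such lines are skipped by the armor parser, so the
    signature does not cover them even though a reader sees them."""
    findings = []
    in_header = False
    for number, line in enumerate(text.splitlines(), start=1):
        if line.rstrip() == BEGIN_SIGNED:
            in_header = True
        elif in_header and line == "":
            in_header = False  # first truly empty line: signed text starts
        elif in_header and not ALLOWED_HEADER.match(line):
            # Includes whitespace-only lines, which look blank on screen
            # but are reported rather than trusted to end the header.
            findings.append((number, line))
    return findings


# Constructed sample messages; the signature body is a placeholder.
_TAIL = ["", "Meet at noon.", "-----BEGIN PGP SIGNATURE-----", "",
         "(placeholder, not a real signature)", "-----END PGP SIGNATURE-----"]
CLEAN = "\n".join([BEGIN_SIGNED, "Hash: SHA1"] + _TAIL)
TAMPERED = "\n".join([BEGIN_SIGNED, "This line was added after signing."] + _TAIL)

if __name__ == "__main__":
    for name, msg in (("clean", CLEAN), ("tampered", TAMPERED)):
        print(name, unsigned_header_lines(msg))
```

Run before signature verification, a non-empty result means the displayed message contains text the signature cannot vouch for.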







More information about the cypherpunks-legacy mailing list