vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-10 19:59:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

Standardize on kebab case for explicit targets

Browse source 
Signed-off-by: David Runge <dave@sleepmap.de>
This commit is contained in:
David Runge 2023-12-12 16:12:57 +01:00
parent 76c70d85ec
commit 144f10a526
No known key found for this signature in database
GPG key ID: 90D4B9641E092971
23 changed files with 140 additions and 140 deletions
Download patch file Download diff file Expand all files Collapse all files

4
book/source/adv/decryption.md
View file

@ -5,7 +5,7 @@ SPDX-License-Identifier: CC-BY-SA-4.0
# Advanced material: Decryption
(decryption_seipd_quick_check)=
(decryption-seipd-quick-check)=
## Verify successful session key decryption
SEIPDv1 packets might make use of a "quick check" mechanism to quickly verify that the correct session key was used without the need to decrypt the whole SEIPD packet.
@ -16,7 +16,7 @@ Since the chance to accidentally end up with matching quick check bytes albeit t
The standard [warns against](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-risks-of-a-quick-check-orac) using the quick check mechanism, as it introduces the risk of a decryption oracle. Instead, the use of SEIPDv2 is recommended, as the AEAD mechanism automatically detects use of the wrong session key early on after the first chunk has been decrypted.
(decryption_anonymous_recipient)=
(decryption-anonymous-recipient)=
## Anonymous recipients
Having all recipients keys listed as part of the PKESK packets presents a metadata leakage. An observer can easily enumerate recipients of a message by comparing the PKESKs with certificates of potential recipients.