Timeline for Should one really disable AEAD for recent GnuPG created PGP keys?
Current License: CC BY-SA 4.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 5 at 13:24 | comment | added | Tobias Leupold | A nice answer was given there: security.stackexchange.com/questions/275883/… | |
| Mar 4 at 6:27 | comment | added | Tobias Leupold | Thanks for the hints. I'll ask at security.SX additionally as you advised. | |
| Mar 4 at 1:03 | comment | added | dave_thompson_085 | ... Note this is independent of the keypair(s). You can use AEAD/OCB on any of RSA DSA/EG or ECC keypairs, and you can use not-AEAD/OCB on any of them. Ed25519 cannot encrypt, but is usually used with a cv25519 subkey; as long as your systems (all) support these, they are considered quite secure. | |
| Mar 4 at 0:58 | comment | added | dave_thompson_085 | en.wikipedia.org/wiki/… and more specifically en.wikipedia.org/wiki/OCB_mode are relatively recent advances that provide more robust integrity protection against possible tampering of your data than the standard-OpenPGP MDC (Manipulation Detection Code), but for data you don't exchange with other people/systems (and I sure hope you aren't sending your password file to other people!) this is probably unnecessary. If you want to go into this in more detail, security.SX is probably more suitable. ... | |
| Mar 3 at 19:22 | history | asked | Tobias Leupold | CC BY-SA 4.0 |