On Mon, 12 Aug 2002 11:45:26 -0600, aleph1 said: > must be taken into account in order to maintain confidentiality. We also > recommend changes in the OpenPGP standard to reduce the effectiveness of our > attacks in these settings. Countermeasures are defined in the OpenPGP drafts since October 2000. This MDC (Manipulation Detection Code) feature is supported since PGP 7.0 (decryption only) and GnuPG 1.0.2. The latest OpenPGP draft (06) even changed the wording to strongly suggest the use of the MDC feature. We have already changed the GnuPG development version to emit an error and not only a warning when a corrupt MDC hash is detected, so that frontends can't ignore the warning. GnuPG uses MDC when either Twofish or AES is used as cipher algorithm (selected by the preference system) or when the special MDC flag is listed in the preferences. The option --force-mdc does what you expect. The general problem is that the MDC feature is not compatible with any PGP versions before 7.0 or GnuPG 1.0.2. You won't simply not be able to decrypt a message if you use such a version. If you are running a modern version you should make sure that AES has been enabled in the key preferences. Salam-Shalom, Werner
