This is not a question about whether I should encrypt or sign first, as I've read here.

Rather, it's about whether I should sign, then encrypt, then sign again.

Because as far as I know, there is no way of knowing a sender's identity before decrypting. And if a malicious party were to encrypt some virus, only after decryption would I know that what was sent is a virus, which by then would already be too late in some cases, especially if the virus is exploiting a bug present in the decryption method to execute code.

However, this problem could be circumvented altogether if I know the sender's identity in advance, and strictly decrypt only from trusted signatures.

This protocol then requires a double signature. First, sign the content itself to prove ownership (of course with the content containing the intended recipient's name). Second, encrypt it so that only the intended recipient may see the content. Third, sign the encrypted message so the recipient can decide whether to even bother decrypting the message.

So my question is whether this double signing (before and after encryption) is an overcomplication, or whether it is a legit method of security?

  • For OpenPGP the same kind of packets are used for encryption as for signature. As the symmetric cipher itself is unlikely to contain e.g. a buffer overflow, I don't see how a signature is going to save you from that (as you need to parse the packets before you verify the signature). There was a well-known bug in the authentication code for Windows where a badly formed certificate could be used to attack the system before you were even logged in. – Maarten Bodewes Jan 06 '21 at 22:33
  • So basically, there is simply no way around malicious messages? – Desmond Rhodes Jan 07 '21 at 07:34
  • More generally, I would say it is hard to protect against buffer overflows by adjusting the message that is sent if it is complex enough. However, it is very possible to create countermeasures against buffer overflows and to take extra care when designing a cryptographic library. – Maarten Bodewes Jan 07 '21 at 09:15
  • I see, so the security, to be effective, must be from the program itself, rather than from the user. I guess that's fair, but not always applicable. Preferably, there is something that a user can also do to help. – Desmond Rhodes Jan 07 '21 at 20:53
  • Hmm, generally I don't believe in user-based security. Systems should be made as secure as possible, and not have to rely on users (or at least steer them in the right direction). Some users will of course be secure, but yeah, not everybody is a security professional, and neither should they. – Maarten Bodewes Jan 07 '21 at 21:01
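
The receiving side of the outer check discussed above, as an added sketch that is not part of the original question or comments: the recipient verifies an outer tag from a trusted sender before the ciphertext is handed to any decryption code. Assumptions: HMAC-SHA256 with a per-sender key stands in for the outer public-key signature, and the frame layout, the names `seal_outer`/`open_outer`, and the caller-supplied `decrypt` function are hypothetical.

```python
import hashlib
import hmac
import struct

# Constructed sample data: the sender id and key are assumptions for this sketch.
TRUSTED = {b"alice": b"k" * 32}   # sender id -> outer-authentication key
MAX_BODY = 1 << 20                # refuse oversized ciphertext outright
TAG_LEN = 32                      # HMAC-SHA256 output size

def seal_outer(sender: bytes, key: bytes, ciphertext: bytes) -> bytes:
    """Frame: 1-byte id length | sender id | 4-byte body length | body | tag."""
    head = struct.pack("!B", len(sender)) + sender
    head += struct.pack("!I", len(ciphertext))
    tag = hmac.new(key, head + ciphertext, hashlib.sha256).digest()
    return head + ciphertext + tag

def open_outer(frame: bytes, decrypt):
    """Call decrypt(ciphertext) only if the outer tag verifies for a trusted sender.

    Everything before the tag check runs on unauthenticated bytes (the point
    raised in the comments), so the parsing is fixed-layout and bounds-checked.
    The inner signature would be checked on decrypt's output; not shown here.
    """
    if len(frame) < 1 + 4 + TAG_LEN:
        return None
    id_len = frame[0]
    body_off = 1 + id_len + 4
    if len(frame) < body_off + TAG_LEN:
        return None
    sender = frame[1:1 + id_len]
    (body_len,) = struct.unpack("!I", frame[1 + id_len:body_off])
    if body_len > MAX_BODY or len(frame) != body_off + body_len + TAG_LEN:
        return None
    key = TRUSTED.get(sender)
    if key is None:                       # unknown sender: never decrypt
        return None
    signed, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None                       # forged or altered: never decrypt
    return decrypt(frame[body_off:body_off + body_len])
```

The gate keeps untrusted ciphertext away from the decryption routine, but the framing code itself still processes attacker-controlled bytes, which is why it is kept this small.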
