
Instead of padding, leave the symmetric key algorithm unencrypted in X25519 and X448

This reverts !257 (merged), and offers an alternative solution to #157 (closed).

Instead of adding padding, only encrypt the session key itself, and leave the symmetric key algorithm identifier unencrypted, in the case of v3 PKESK packets.

Since the session key size can't be obfuscated in the X25519 and X448 algorithms, encrypting the symmetric algorithm identifier offers little added value.
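As an added example (not code from this merge request or from the crypto-refresh project), the Python below parses the X25519-specific fields of a PKESK packet as the draft lays them out, once with the cleartext algorithm octet (v3) and once without it (v6), and recovers the session key length from the wrapped key alone. The ephemeral key and wrapped bytes are constructed dummies (not real key-wrap output) and the key-size table is an assumption covering only the AES family.

```python
# Added example (not from the MR or the crypto-refresh code): parse the
# X25519-specific PKESK fields (32-octet ephemeral key, one-octet length,
# a one-octet symmetric algorithm ID in v3 only, then the AES-128-wrapped
# session key). The wrap adds a fixed 8 octets, so the field length alone
# reveals the session key size, which is why hiding the ID gains little.

# Assumed table: session key length (octets) -> OpenPGP symmetric algorithm
# IDs with that key size. Only AES is listed; legacy ciphers sharing a key
# size (e.g. 3DES at 24) would widen the matching set, not change the point.
KEY_LEN_TO_ALGOS = {16: {7: "AES-128"}, 24: {8: "AES-192"}, 32: {9: "AES-256"}}
KEY_WRAP_OVERHEAD = 8   # RFC 3394 key wrap adds one 64-bit integrity block
MIN_WRAPPED = 24        # RFC 3394 wraps at least two 64-bit plaintext blocks

def parse_x25519_pkesk_fields(data: bytes, version: int) -> dict:
    """Parse the X25519-specific part of a v3 or v6 PKESK packet."""
    if version not in (3, 6):
        raise ValueError("unsupported PKESK version")
    if len(data) < 33:
        raise ValueError("truncated: need ephemeral key and length octet")
    ephemeral, length = data[:32], data[32]
    rest = data[33:33 + length]
    if len(rest) != length:
        raise ValueError("truncated: length octet exceeds available data")
    sym_alg = None
    if version == 3:
        # v3 carries the symmetric algorithm ID in the clear, ahead of the key
        if length < 1:
            raise ValueError("v3 PKESK needs the symmetric algorithm octet")
        sym_alg, rest = rest[0], rest[1:]
    if len(rest) < MIN_WRAPPED or len(rest) % 8:
        raise ValueError("wrapped key must be a multiple of 8 octets, >= 24")
    return {
        "ephemeral": ephemeral,
        "sym_alg": sym_alg,
        "wrapped_session_key": rest,
        "session_key_len": len(rest) - KEY_WRAP_OVERHEAD,
    }

def candidate_algorithms(session_key_len: int) -> set:
    """Algorithm IDs consistent with an observed session key length."""
    return set(KEY_LEN_TO_ALGOS.get(session_key_len, {}))

# Constructed sample input: dummy ephemeral key and dummy wrapped bytes for a
# 32-octet (AES-256) session key; only the lengths matter for the point.
EPHEMERAL = bytes(range(32))
WRAPPED_AES256 = b"\xaa" * (32 + KEY_WRAP_OVERHEAD)
V3_FIELDS = EPHEMERAL + bytes([1 + len(WRAPPED_AES256), 9]) + WRAPPED_AES256
V6_FIELDS = EPHEMERAL + bytes([len(WRAPPED_AES256)]) + WRAPPED_AES256

def demo():
    return parse_x25519_pkesk_fields(V3_FIELDS, 3), parse_x25519_pkesk_fields(V6_FIELDS, 6)

if __name__ == "__main__":
    v3, v6 = demo()
    print("v3 algorithm octet:", v3["sym_alg"], "key len:", v3["session_key_len"])
    print("v6 key len:", v6["session_key_len"],
          "candidates:", candidate_algorithms(v6["session_key_len"]))
```

Both parses yield the same 32-octet session key length, so an observer learns the AES-256-sized key either way; the cleartext octet in v3 only confirms what the length already implies.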
