There is currently a committee associated with the IETF (Internet Engineering Task Force) diligently working to replace the block encryption mode used by OpenPGP with something else. The thing is, there is nothing actually wrong with the block encryption mode currently used by OpenPGP. It has been in active use for 20 years now with no issues found. Hence the weirdness. The rationale, such as it is, seems to come down to the fact that famous cryptographers like other methods better. That would have been significant 20 years ago when the existing standard was being set but carries no weight now.<p>The current proposal is to replace the current mode with three different modes. Those proposed modes are the sort of thing normally used for online connection-oriented media like the TLS system used to protect the web. So they only fit awkwardly for the sort of offline non-connection-oriented media that OpenPGP is normally used for. The most significant issue relates to the sort of streaming that many OpenPGP applications are expected to do. The proposed modes can't normally do that so the OpenPGP standard has been modified to break the data into blocks to allow the new modes to work. This adds complexity. Extra complexity is known to reduce security and reliability. This ugly hack is entirely unnecessary because, I cannot emphasize this enough, there is nothing wrong with the presently used system.<p>Since this is so strange we might as well get some conspiracy theories out of the way... The Snowden leak provided a short list of things the NSA could not get access to. OpenPGP encrypted email was on that list. OpenPGP is used for communications on the dark net. So law enforcement would not mind the loss of interoperability caused by the introduction of a bunch of new encryption modes.
The non-technical people that normally use OpenPGP on the dark net probably would not be able to overcome such issues and might have to switch to something else.<p>I seriously doubt there actually is any conspiracy here. My theory is that few understand how the existing system works and as a result automatically assume it doesn't. So the story of Chesterton's fence might apply.<p>I have attempted to produce an explanation of how the existing OpenPGP encryption mode works:<p>* https://articles.59.ca/doku.php?id=pgpfan:mdc | The OpenPGP Modification Detection Code is Actually Good<p>This situation weirded me out enough that I collected my thoughts in the form of an editorial:<p>* https://articles.59.ca/doku.php?id=pgpfan:no_new_ae | Replacing the OpenPGP Encryption Mode is Harmful and Pointless
Is this perhaps related to work by NIST to try to address quantum vulnerabilities?<p><a href="https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms" rel="nofollow">https://www.nist.gov/news-events/news/2022/07/nist-announces...</a>