Re: weak point of PGP implementation
Eric Hughes says:
> Matt mentions three potential weaknesses in PGP: RSA key length, the
> IDEA cypher, the pass phrase.
Probably the first two even a paranoid person won't call "weaknesses".
The pass-phrase - the docs should give some guidelines, as to how one
must choose his pass-phrase (if it's already there - apologies :-).
> Let me add:
And now you're talking! (:-)
> 4. The random number generator used to make session keys. If this is
> weak, then an opponent might be able to guess them feasibly. This attack
> does not require breaking the underlying cryptography.
>
> 5. Weak random numbers for RSA key generation. If the numbers in the
> random number pool are not as random as they should be, then one might
> simply simulate the prime generation algorithm and compile a table of
> potential PGP primes.
It looks like that [former] Soviet professor found and pointed out
exactly those weaknesses: poor RSA keys (making factoring about two
orders of magnitude easier) and poor something else (I couldn't
understand what he meant, sorry :-). Quite possible he hit
session keys (as likely as not)...
--
Regards,
Uri [email protected] scifi!angmar!uri N2RIU
-----------
<Disclaimer>
From cypherpunks-request Tue Jan 26 21:28:06 1993
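
Added example, not part of the original message and not PGP's code: a small audit that measures how many distinct 128-bit session keys a generator can actually emit when its only input is a low-entropy seed, which is the weakness described in point 4 above (the same counting argument applies to the prime table in point 5). The generator `weak_session_key` and its seconds-since-midnight seed are hypothetical stand-ins chosen for illustration.

```python
import hashlib
import math
import secrets

KEY_BYTES = 16  # IDEA session keys are 128 bits


def weak_session_key(seed: int) -> bytes:
    """Hypothetical weak generator (assumption, not PGP's RNG): the key is a
    deterministic function of a small integer seed, e.g. seconds since midnight."""
    return hashlib.sha256(seed.to_bytes(8, "big")).digest()[:KEY_BYTES]


def strong_session_key() -> bytes:
    """Key drawn from the operating system's CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)


def effective_key_bits(generator, seed_space) -> float:
    """log2 of the number of distinct keys the generator emits over seed_space.
    This, not the key length, bounds the work needed to guess a key."""
    distinct = {generator(seed) for seed in seed_space}
    return math.log2(len(distinct))


def audit(seed_space=range(86_400)) -> dict:
    """Compare nominal key size with the entropy the seed actually supplies.
    The default seed space is constructed: one day of one-second clock ticks."""
    bits = effective_key_bits(weak_session_key, seed_space)
    return {
        "nominal_bits": KEY_BYTES * 8,
        "effective_bits": round(bits, 1),
        "distinct_keys": len(seed_space),
    }


if __name__ == "__main__":
    report = audit()
    print(f"nominal key size : {report['nominal_bits']} bits")
    print(f"effective entropy: {report['effective_bits']} bits "
          f"({report['distinct_keys']} possible keys)")
    print("CSPRNG sample    :", strong_session_key().hex())
```

The cipher and key length are untouched in this sketch; only the seed space shrinks, which is why the attack "does not require breaking the underlying cryptography".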