[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Paranoid

To: [email protected]
Subject: Re: Paranoid
From: Derek Atkins <[email protected]>
Date: Fri, 29 Oct 93 01:22:19 EDT
In-Reply-To: Your message of Fri, 29 Oct 93 00:00:09 -0500. <[email protected]>

> Does PGP compress the text before it is encoded?

Yes.  It uses the zip algorithm (I think) as its compression engine.

> Does this allow a cracker to search for the compression's signature
> after every attempt?

Every attempt?  You mean every attempt at encryption?  Well, yes and
no.  Yes, there is a semi-known plaintext inside the encrypted data.
It is unknown if this can help an attacker.

> Is there a checksum that a cracker could use to test for success after
> every attempt?

The only checksums are the ASCII-armor checksums, and the MD5 hash
which is inside the RSA signature.  Other than these, there are no
checksums.  Neither of these can be used to aid an attacker.

> Would using UUENCODE on the text and deleting the "begin/end" lines
> before encrypting it have a synergistic effect on the difficulty of
> cracking a secret key from that particular message?

This would give an attacker even MORE of a plaintext attack, since
this will create lines of 64 characters, starting with an "M", which
gives a regular pattern to the plaintext.

> Is there an easy way to generate keys larger than 1024 bits?

No.  However given current technology and assuming no significant
breakthroughs in factoring algorithms, a 1024 bit key wont be broken
for over a million year (significantly more, if I recall).

Hope this helps.

-derek

References:
- Paranoid
  - From: [email protected]

Prev by Date: ViaCrypt PGP
Next by Date: RE: pgp and procmail
Prev by thread: Paranoid
Next by thread: Paranoid
Index(es):
- Date
- Thread